Cabletron Systems SEHI-32/34 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Cabletron Systems SEHI-32/34, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Cabletron Systems SEHI-32/34 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Cabletron Systems SEHI-32/34. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Cabletron Systems SEHI-32/34 should contain:
- informations concerning technical data of Cabletron Systems SEHI-32/34
- name of the manufacturer and a year of construction of the Cabletron Systems SEHI-32/34 item
- rules of operation, control and maintenance of the Cabletron Systems SEHI-32/34 item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Cabletron Systems SEHI-32/34 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Cabletron Systems SEHI-32/34, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Cabletron Systems service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Cabletron Systems SEHI-32/34.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Cabletron Systems SEHI-32/34 item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    Portable Management Application for the SEHI-22/24 and SEHI-32/34 User’s Guide ® The Complete Networking Solution[...]

  • Page 2

    [...]

  • Page 3

    i Notice Cabletron Systems r eserves the right to make changes in specifications and other information contained in this document without prior notice. The reader should in all cases consult Cabletr on Systems to determine whether any such changes have been made. The hardwar e, firmware, or softwar e described in this manual is subject to change [...]

  • Page 4

    ii Restricted Rights Notice (Applicable to licenses to the United States Government only .) 1. Use, duplication, or disclosure by the Government is subject to r estrictions as set forth in subparagraph (c) (1) (ii) of the Rights in T echnical Data and Computer Software clause at DF ARS 252.227-7013. Cabletron Systems, Inc., 35 Industrial W ay , Roc[...]

  • Page 5

    iii Contents Chapter 1 Intr oduction to SPMA f or the SEHI-22/24 and SEHI-32/34 Using the SEHI User ’s Guide ...................................................................................... 1-1 What’s NOT in the SEHI User ’s Guide . . . ........................................................ 1-3 Conventions ............................[...]

  • Page 6

    Contents iv V iewing and Configuring Link/Seg T raps for Ports ........................................ 3-5 Chapter 4 Repeater Redundancy Setting Network Circuit Redundancy ........................................................................ 4-1 Configuring a Redundant Circuit ..................................................................[...]

  • Page 7

    1-1 Chapter 1 Intr oduction to SPMA f or the SEHI-22/24 and SEHI-32/34 How to use the SEHI User’ s Guide; manual conv entions; contacting Cabletron T echnical Suppor t; SEHI fir mw are versions supported by SPMA The SEHI-22/24 and SEHI-32/34 are intelligent r epeating hubs that provide fr ont panel ports for network connections and a rear -panel[...]

  • Page 8

    Introduction to SPMA f or the SEHI-22/24 and SEHI-32/34 1-2 Using the SEHI User’ s Guide applications can be accessed from the icon menu (if you ar e using a management platform) and from the command line (if you ar e running in stand-alone mode); in addition, several applications can also be accessed from within the Hub V iew , a graphical displ[...]

  • Page 9

    Conv entions 1-3 Introduction to SPMA f or the SEHI-22/24 and SEHI-32/34 What’ s NO T in the SEHI User’ s Guide . . . The following standard SPMA tools are available through the SEHI module and are explained in the SPECTRUM Portable Management Application T ools Guide : • Charts, Graphs and Meters • MAC Address Locator • Community Names ?[...]

  • Page 10

    Introduction to SPMA f or the SEHI-22/24 and SEHI-32/34 1-4 Conv entions Some windows within SPMA applications can be re-sized; those windows will display the standard window r esizing handles employed by your windowing system. Re-sizing a window doesn’t re-size the information in the window; it just changes the amount of information that can be [...]

  • Page 11

    Conv entions 1-5 Introduction to SPMA f or the SEHI-22/24 and SEHI-32/34 Figure 1-2. The History W indow Using the Mouse The UNIX mouse has three buttons. Pr ocedures within the SPMA document set refer to these buttons as follows: Figure 1-3. Mouse Buttons If you’re using a two-button mouse, don’t worry . SPMA doesn’t make use of mouse button[...]

  • Page 12

    Introduction to SPMA f or the SEHI-22/24 and SEHI-32/34 1-6 Getting Help Whenever possible, we will instruct you on which mouse button to employ; however , menu buttons within SPMA applications will operate according to the convention employed by the active windowing system. By convention, menu buttons under the Motif windowing environment ar e act[...]

  • Page 13

    SEHI Fir mw are 1-7 Introduction to SPMA f or the SEHI-22/24 and SEHI-32/34 For additional information about Cabletron Systems pr oducts, visit our W orld W ide W eb site: http://www .cabletron.com/ SEHI Firmware SPMA for the SEHI has been tested against firmware versions 1.10.04 and 1.05.03; if you have an earlier version of firmware and experie[...]

  • Page 14

    Introduction to SPMA f or the SEHI-22/24 and SEHI-32/34 1-8 SEHI Firmware[...]

  • Page 15

    2-1 Chapter 2 Using the SEHI Hub Vie w Navigating through the Hub View , monitoring hub performance; managing the hub The heart of the SPECTRUM Portable Management Application (SPMA) for the SEHI is the Hub V iew , a graphical interface that gives you access to many of the functions that provide contr ol over the device. Using the Hub Vie w There a[...]

  • Page 16

    Using the SEHI Hub View 2-2 Using the Hub View Navigating Thr ough the Hub View W ithin the Hub V iew ( Figure 2-1 ), you can click mouse buttons in differ ent areas of the window to access various menus and initiate certain management tasks. The following sections describe the information displayed in the Hub V iew Front Panel and how to use the m[...]

  • Page 17

    Using the Hub View 2-3 Using the SEHI Hub View Uptime The time that the device has been running without interruption. The counter resets to 0 days 00:00:00 (X days HH:MM:SS) when one of the following occurs: • Power to the device is cycled. • The device is reset manually . Date and Time The date and time are taken fr om the device’s internal [...]

  • Page 18

    Using the SEHI Hub View 2-4 Using the Hub View Clicking on the Device button displays the Device menu, Figure 2-2 . Figure 2-2. SEHI Hub V iew Device Menu The Device menu lets you perform the following: • Open the Device Status window • Open the Repeater Status window • Open the Polling Intervals window • Open the Statistics windows • Cre[...]

  • Page 19

    Using the Hub View 2-5 Using the SEHI Hub View If you need to call Cabletron’s T echnical Support about a problem with the Hub V iew application, you’ll need the information provided in the Info window ( Figure 2-3 ): Figure 2-3. Hub Information W indow Clicking mouse button 1 on the Quit button closes all Hub V iew application windows; any ope[...]

  • Page 20

    Using the SEHI Hub View 2-6 Using the Hub View Figure 2-4. Mousing Around a Ports Display Hub View P or t Color Codes The Port Status boxes in the Hub V iew are color coded to indicate the port’s connection status. The colors are consistent for all Port Display Forms except Admin Status; the exceptions are noted below . • Green indicates that t[...]

  • Page 21

    Monitoring Hub P erf or mance 2-7 Using the SEHI Hub View • Blue indicates that the port has been disabled through management. • Y ellow indicates that the port is enabled but does not currently have a valid connection. This usually indicates that the device at the other end of the segment is turned off. • Red indicates that the port is enabl[...]

  • Page 22

    Using the SEHI Hub View 2-8 Monitoring Hub P erformance • Device, Module, and Port status descriptions. • Device, Module, and Port statistics, which provide a complete br eakdown of packet activity . • Device, Module, and Port-level pie charts, graphs and meters, for a graphic repr esentation of the types and levels of traffic passing thr ou[...]

  • Page 23

    Monitoring Hub P erf or mance 2-9 Using the SEHI Hub View For error type descriptions, see Checking Statistics , page 2-15 . Frame Sizes Displays a percentage for each active port that r epresents what portion of that port’s traffic is of a specific size, measur ed in bytes. Y ou can display any one of the following frame sizes: • Runts (pack[...]

  • Page 24

    Using the SEHI Hub View 2-10 Monitoring Hub P erf or mance • Active Ports displays either YES or NO for any active (gr een) port, indicating whether or not that port has seen any traffic at all since the device was last initialized or the counters were last r eset; this port display form can tell you whether any port whose statistics are not cur[...]

  • Page 25

    Monitoring Hub P erf or mance 2-11 Using the SEHI Hub View Date and Time Displays the current date and time fr om the SEHI’s internal clock. Although the fields are static in the window , the front panel display is a real-time pr esentation. T o change the name, location, contact, date, or time: 1. Highlight the appropriate field and type the n[...]

  • Page 26

    Using the SEHI Hub View 2-12 Monitoring Hub P erf or mance 2. Press Enter or Return on the k eyboard to sa ve y our changes. Active Users Displays the number of active source addr esses communicating through this module. Module T ype The type of module you are viewing (SEH- or SEHI-22, 24, 32, or 34). Chec king Repeater Status The Repeater Status w[...]

  • Page 27

    Monitoring Hub P erf or mance 2-13 Using the SEHI Hub View Chec king P or t Status Y ou can open a Port Status window ( Figure 2-9 ) for any port in the SEHI- controlled HUBStack. T o open the Port Status window: 1. Clic k mouse button 1 in the P or t Index box. or 1. Clic k mouse b utton 3 in the Port Index or P or t Status bo x to displa y the P [...]

  • Page 28

    Using the SEHI Hub View 2-14 Monitoring Hub P erf or mance • Inactive — The device at the other end of the cable is turned off, ther e is a break in the cable, or ther e is no device or cable connected. • Not Supported — The selected port does not support the Link feature, so the SEHI cannot determine link status; this value will show only [...]

  • Page 29

    Monitoring Hub P erf or mance 2-15 Using the SEHI Hub View • Multi-Mode Fiber: ST EPIM • Single-Mode Fiber: ST EPIM T opology T ype Indicates how the port is being used. The available types are: • Station —The port is receiving packets fr om no devices, a single device, or two devices. Note that a port in station status may actually be conn[...]

  • Page 30

    Using the SEHI Hub View 2-16 Monitoring Hub P erf or mance T o view device statistics at the Device, Module, or Port levels: 1. Displa y the De vice, Module , or P or t menu b y clicking mouse button 3 in the appropriate area (refer to Figure 2-5 , page 2-7 ). 2. Drag do wn to Statistics and then right to either General/Errors or Protocols/Frames a[...]

  • Page 31

    Monitoring Hub P erf or mance 2-17 Using the SEHI Hub View Multicast P ackets The number of multicast packets received by this device, module, or port since the window was last opened or reset. Multicast packets ar e simultaneously addressed to mor e than one address, but fewer than all addr esses. Collisions The number of collisions recor ded by t[...]

  • Page 32

    Using the SEHI Hub View 2-18 Monitoring Hub P erf or mance 802.3 specifications, or a node on the net is transmitting without first listening for carrier sense (and beginning its illegal transmission more than 51.2 µ s after the first station began transmitting). Note that in both cases, the occurrence of the errors can be intermittent: in the [...]

  • Page 33

    Monitoring Hub P erf or mance 2-19 Using the SEHI Hub View counted as CRC errors had only CRC err ors — they were of legal size (not runts or giants) and had no truncated bytes. Y ou also know that any packet less than 64 bytes long has been counted as a runt, even if it also had alignment and/or CRC problems (which is likely if the r unt is the [...]

  • Page 34

    Using the SEHI Hub View 2-20 Managing the Hub Figure 2-1 1. The Port Source Address List T o view a port’s Source Address List: 1. Displa y the P or t menu by clic king mouse button 3 in the appropriate P or t Status bo x. 2. Drag do wn to Source Ad dress List and release. The Source Address List window displays addr esses of all devices that hav[...]

  • Page 35

    Managing the Hub 2-21 Using the SEHI Hub View Figure 2-12. SEHI Polling Intervals Setting the P olling Intervals T o set the polling intervals used by SPMA and the SEHI: 1. Clic k on the Device b utton to display the De vice menu. 2. Drag do wn to P olling Inter vals , and release. The SEHI P olling Inter vals window , Figure 2-12 , will appear . 3[...]

  • Page 36

    Using the SEHI Hub View 2-22 Managing the Hub Device General Status This polling interval controls how often the Hub V iew Front Panel Information — such as Uptime, Device Name, and so forth — and some port status information is updated. Device Configuration This polling interval controls how often a survey is conducted of the devices installe[...]

  • Page 37

    Managing the Hub 2-23 Using the SEHI Hub View ! CA UTION When disabling all ports on a module, make sure you don’ t disable the port through which your management station is communicating with the HUBStack, or you will lose contact with the stack.[...]

  • Page 38

    Using the SEHI Hub View 2-24 Managing the Hub[...]

  • Page 39

    3-1 Chapter 3 Link/Seg T raps What are Link and Segmentation traps; enabling and disab ling these traps at the de vice, module, and por t le vels Among the traps which Cabletron devices ar e designed to generate are traps which indicate when a repeater port gains or loses a link signal, when the r epeater segments (disconnects) a port due to collis[...]

  • Page 40

    Link/Seg T raps 3-2 What is a Link T rap? What is a Link T rap? Some Cabletron Ethernet r epeater ports — including RJ45 twisted pair and fiber optic ports — generate a link signal to monitor the status of their connection with the device at the other end of the cable segment. If the cable is removed or br oken, the port’s link status goes t[...]

  • Page 41

    Enabling and Disab ling Link/Seg T raps 3-3 Link/Seg T raps from the Hub View: 1. Clic k on to displa y the Device men u. 2. Drag do wn to Link/Seg T raps and release. from the command line (stand-alone mode): 1. F rom the appropr iate directory , type spmarun r4hwtr <IP address> <community name> The main Repeater Link/Seg T raps window[...]

  • Page 42

    Link/Seg T raps 3-4 Enabling and Disab ling Link/Seg T raps Configuring Link/Seg T raps for the Repeater T o enable or disable Link and Segmentation traps for all ports on a repeater: 1. In the Repeater Link/Seg T raps window , click mouse button 1 on the repeater interf ace for which y ou would like to configure link and segmentation traps . 2. [...]

  • Page 43

    Enabling and Disab ling Link/Seg T raps 3-5 Link/Seg T raps Figure 3-3. The Module T raps W indow 3. In the Module T raps window , click mouse button 1 to select the module f or which you wish to configure link and segmentation tr aps. If the Set T rap Status For field displa ys Selected Modules (the def ault setting), y ou can clic k to select a[...]

  • Page 44

    Link/Seg T raps 3-6 Enabling and Disab ling Link/Seg T raps 2. Clic k mouse button 1 on ; the P or t T raps window , Figure 3-4 , will appear . Figure 3-4. The Port T raps W indow 3. In the por t traps windo w , click mouse b utton 1 to select the por t or por ts for which you wish to configure tr aps. If the Set T rap Status For field displa ys [...]

  • Page 45

    4-1 Chapter 4 Repeater Redundanc y This chapter describes how to configure and enable redundant circuits . Setting Netw ork Cir cuit Redundancy The redundancy application gives you the ability to define r edundant circuits for your SEHI to ensure that critical network connections r emain operational. Each circuit has a designated primary port and[...]

  • Page 46

    Repeater Redundancy 4-2 Setting Network Circuit Redundancy spmarun r4red <IP address> <community name> The main Repeater Redundancy window , Figure 4-1 , will appear . Figure 4-1. The Repeater Redundancy W indow Configuring a Redundant Cir cuit T o establish or edit a redundant cir cuit: 1. In the Repeater Redundancy window , click mou[...]

  • Page 47

    Setting Network Circuit Redundancy 4-3 Repeater Redundancy Figure 4-2. The Channel X Redundancy W indow 2. If y ou want to change a circuit’ s name or the number of retries, highlight the appropriate circuit and click . The Change Circuit window , Figure 4-3 , will appear . Figure 4-3. The Change Circuit W indow In the appropriate box es, enter a[...]

  • Page 48

    Repeater Redundancy 4-4 Setting Network Circuit Redundancy of retries you can enter into this field is 0-16. Be sure to click on bef ore exiting the windo w to save y our changes. 3. With the appropriate Circuit Name highlighted, click to access the Add Circuit Address window , Figure 4-4 . Figure 4-4. The Add Circuit Address W indow In this windo[...]

  • Page 49

    Monitoring Redundancy 4-5 Repeater Redundancy diff erent por t to be Primar y or Active, the original Primar y or Activ e por t automatically resets to Backup/Inactiv e. 6. Once y ou hav e configured all the por ts that compose the redundant circuit, enable the circuit b y clicking . T o clear the settings in one circuit, highlight the Cir cuit Na[...]

  • Page 50

    Repeater Redundancy 4-6 Monitoring Redundancy 1. In the All Circuits bo x, type in a new v alue in the Poll Interv al field and click . P oll Inter val is the time in seconds betw een retr ies (if the first attempt is unsuccessful). T o set the T est T ime : 1. In the All Circuits bo x, type a ne w test time in the T est Time field in a 24-hour [...]

  • Page 51

    5-1 Chapter 5 Sour ce Addressing Displa ying the Source Address list; setting the Ageing Time; selecting the Hash T ype; eff ects of Source Address Locking; configur ing Source Address traps; finding a Source Address. Displa ying the Sour ce Address List The Source Address List, or T able (SA T), contains the MAC address and its associated vendor[...]

  • Page 52

    Source Addressing 5-2 Displa ying the Source Address List The Repeater Source Address window , Figur e 5-1 , will appear . Figure 5-1. The Repeater Source Address W indow The Repeater Source Address window pr ovides a list of the repeater interfaces available on the SEHI, as well as command buttons that allow you to display the Source Address List [...]

  • Page 53

    Displa ying the Source Address List 5-3 Source Addressing Figure 5-2. The Source Address List W indow The Source Address List window displays addr esses of all devices that have transmitted packets through the SEHI within a time period less than the SA T’s defined ageing time (addresses that have not transmitted a packet during one complete cycl[...]

  • Page 54

    Source Addressing 5-4 Setting the Hash T ype Setting the Ageing Time The source addr ess list Ageing T ime determines the minimum amount of time an inactive source addr ess will remain in the Sour ce Address T able before it is purged. The sour ce address timer r uns continuously beginning at the time the device is turned on; source addr esses that[...]

  • Page 55

    Locking Source Addresses 5-5 Source Addressing 2. Clic k mouse button 1 on ; the Channel X Source Address List window , Figure 5-2 ( page 5-3 ), will appear . 3. In the Hash T ype field, click mouse b utton 1 on the appropriate selection to apply Dec or nonDec hashing to all por ts on the selected repeater channel. 4. Clic k mouse button 1 on to s[...]

  • Page 56

    Source Addressing 5-6 Locking Source Addresses In addition to activating the security measures as configur ed via the Security application, locking source addr esses has the following effects: • On devices running older versions of firmwar e, unlinked ports will be disabled immediately after locking has been enabled; these ports can be re- enab[...]

  • Page 57

    Configuring Source Address T raps 5-7 Source Addressing • A port’s topology status (station or trunk) remains fixed while locking is in effect, even if the number of detected addr esses changes. • Any ports disabled due to a violation (or because they were unlinked when locking was enabled) must be manually re-enabled via their Port menus, [...]

  • Page 58

    Source Addressing 5-8 Configuring Source Address T raps • PortT ypeChanged traps are issued when a port’s topology status changes from station to tr unk, or vice versa. The interesting information includes the board and port index, and the port’s new topology status. •A lockStatusChanged trap is generated when the ports in the hub are lock[...]

  • Page 59

    Configuring Source Address T raps 5-9 Source Addressing As with device-level trap status, a status of Other for any module indicates that there is some combination of enabled and disabled sour ce address traps on the ports in that module. T o configure trap status for all ports on a selected module or modules: 1. In the Module Source Address T ra[...]

  • Page 60

    Source Addressing 5-10 Configuring Source Address T raps Figure 5-3. The Module Source Address T raps W indow T o enable or disable port-level traps: 1. In the P or t Source Address T raps windo w ( Figure 5-4 , page 5-11 ), click mouse button 1 to select the port or por ts for which y ou wish to enable or disable tr aps. If the Set T rap Status F[...]

  • Page 61

    Finding a Source Address 5-11 Source Addressing Figure 5-4. The Port Source Address T raps W indow 2. Clic k on the appropriate selection in the T rap Status field to enable or disab le traps f or the selected por t(s), as desired. 3. Clic k on to sav e your changes. Finding a Sour ce Address Y ou can use the button to locate a source addr ess in [...]

  • Page 62

    Source Addressing 5-12 Finding a Source Address T o find a source addr ess: 1. Clic k mouse button 1 on in the Source Address List windo w ( Figure 5-2 , page 5-3 ); the Find Source Address window , Figure 5-5 , will appear . Figure 5-5. Find Source Address W indow 2. In the MA C Address field, enter the source address you wish to locate in a he [...]

  • Page 63

    Finding a Source Address 5-13 Source Addressing Figure 5-6. Results of MAC Address Sear ch 4. Clic k on to exit the window .[...]

  • Page 64

    Source Addressing 5-14 Finding a Source Address[...]

  • Page 65

    6-1 Chapter 6 Security Launching the Security application; LANVIEW SECURE defined; configur ing security; enabling security and traps at the repeater , hub , and por t le vels; secur ity on non-LANVIEW SECURE Hubs The Security application allows you to configure and manage the LANVIEW SECURE feature incorporated into the new generation of Cablet[...]

  • Page 66

    Security 6-2 What is LANVIEWsecure? from the command line (stand-alone mode): 1. F rom the appropr iate directory , type spmarun r4sec <IP address> <SU community name> The Repeater Security window , Figure 6-1 , will appear . Figure 6-1. The Repeater Security W indow The Repeater Security window provides a list of the r epeater interfac[...]

  • Page 67

    What is LANVIEWsecure? 6-3 Security secure port, and can be configur ed to secure both station and tr unk ports; eavesdropper pr otection scrambles the data portion of any packet transmitted via a secure port to all but the destination port, and can be extended to br oadcast and multicast packets as well as packets destined for a single address. S[...]

  • Page 68

    Security 6-4 What is LANVIEWsecure? Configurable violation response Before LANVIEW S ECURE , any locked port which experienced a violation was shut down automatically; now , you can choose to allow ports to remain enabled even after an unsecured addr ess has attempted to access a locked port. If you choose not to disable a port which has experienc[...]

  • Page 69

    What is LANVIEWsecure? 6-5 Security Forced non-secure status W ith the original version of LANVIEW SECURE , all ports except those which had been forced to tr unk status could be locked, and would be locked automatically if locking were enabled at the r epeater or hub level. W ith the enhanced version of LANVIEW SECURE , this has changed in two way[...]

  • Page 70

    Security 6-6 Configuring Secur ity intruder will be to issue a trap after the first violation; all packets, r egardless of source addr ess, will be allowed to pass. Forced non-secure status W ith the enhanced version of LANVIEW SECURE , even ports on non- LANVIEW SECURE Hubs can be forced to an unsecurable status (as long as they are curr ently u[...]

  • Page 71

    Configuring Secur ity 6-7 Security Figure 6-2. Channel A Port Security W indow The top portion of the window contains a list box which displays each port communicating on the selected channel, designated by hub and port number . Each port’s current Lock Status, violation r esponse, Security Level, and T rap status is also displayed. Note that an[...]

  • Page 72

    Security 6-8 Configuring Secur ity from the selected por ts: a trap will be sent after the first violation, but all pack ets, regardless of source address, will be allow ed to pass. P or ts in this state still hav e active ea vesdropper protection. 3. The Security Le vel field allo ws you to select which pac kets not addressed to the selected po[...]

  • Page 73

    Configuring Secur ity 6-9 Security Figure 6-3. The Addresses W indow 3. On the left side of the window , the Learned Addresses list bo x will displa y all source addresses detected by the selected port dur ing the last ageing inter v al (see Chapter 4, Source Ad dress , f or more information on the ageing inter v al). On the right side of the wind[...]

  • Page 74

    Security 6-10 Configuring Secur ity Figure 6-4. Add MAC Address W indow d. Enter the desired MA C address in an xx:xx:xx:xx:xx:xx f or mat, then clic k on . A confir mation windo w will appear ; if you click on Ye s to secure the address, it will appear in the Secure Ad dresses list bo x. 4. T o secure addresses f or additional por ts, clic k to [...]

  • Page 75

    Configuring Secur ity 6-11 Security 4. Clic k to select the Reset Learned Addresses option. A confirmation window will appear ; click on to reset addresses, or on to cancel. The por t’ s address table will be cleared of all Learned and Secure addresses, and the lear ning process will restar t. Tips f or Successfully Implementing Ea vesdr opper [...]

  • Page 76

    Security 6-12 Enabling Security and T raps Enabling Security and T raps Y ou can enable or disable all applicable protections by locking or unlocking ports via the repeater , hub, or port Security window , as described in the sections below . There ar e two levels of lock status to choose from: if you select Full lock status, the port will stop lea[...]

  • Page 77

    Enabling Security and T raps 6-13 Security Repeater -level Security and T raps Locking ports at the repeater , or channel, level applies all applicable security (as configured via the Port Security window) to every port on the channel. T o enable or disable security and traps for all ports on a repeater: 1. In the Repeater Security window , click [...]

  • Page 78

    Security 6-14 Enabling Security and T raps Figure 6-5. Channel A Security W indow 3. In the Security Mode field, clic k mouse b utton 1 on the appropr iate selection to apply Full or Continuous loc k status to all por ts on the selected repeater channel, or to Unlock all ports on the channel. (Note that if your SEHI does not suppor t the new est s[...]

  • Page 79

    Enabling Security and T raps 6-15 Security displa yed in the list bo x; a repeater whose por ts hav e diff erent Security Mode or T rap settings will display a status of “Mismatch. ” Figure 6-6. Channel A Module Security W indow 3. Use the Set Security For field or the mouse to select the hub or hubs f or which you wish to configure security [...]

  • Page 80

    Security 6-16 Enabling Security and T raps 1. In the Repeater Security window , click to selected the desired repeater interf ace, or channel, in the scroll list. 2. Clic k ; the Channel A P or t Secur ity window , Figure 6-7 , will appear . Figure 6-7. Channel A Port Security W indow 3. Use the Set Security For field or the mouse to select the po[...]

  • Page 81

    Enabling Security and T raps 6-17 Security 5. Clic k on the appropriate selection in the Send T rap field to Enable or Disable traps f or the selected por t(s). 6. Clic k on to sa ve your changes; each por t’ s new status will be displa yed in the list bo x. Click on to close the window .[...]

  • Page 82

    Security 6-18 Enabling Security and T raps[...]

  • Page 83

    A-1 Appendix A SEHI MIB Structure SEHI management inf or mation base configuration IETF MIB Suppor t In addition to its proprietary featur es, the SEHI-22/24 and SEHI-32/34 currently support the following IETF MIB: • RFC 1213 MIB for Network Management of TCP/IP-based Internets: MIB-II SEHI MIB Structure Cabletron’s newer intelligent devices ?[...]

  • Page 84

    SEHI MIB Structure A-2 SEHI MIB Structure community names; the Chassis MGR community names are the same as those assigned via Local Management. SEHI LIM The SEHI LIM, or Local Management, component contains the objects that provide out-of-band management via the Console port on the SEHI’s fr ont panel. No objects from this component ar e used for[...]

  • Page 85

    SEHI MIB Structure A-3 SEHI MIB Structure Newer versions of devices with this component-based MIB architectur e have been simplified somewhat; these devices support a single, global set of community names, with small modifications added automatically to accommodate multiple instances of the same MIB component (as occurs with the SEHI’s Network [...]

  • Page 86

    SEHI MIB Structure A-4 SEHI MIB Structure[...]

  • Page 87

    Inde x-1 Index A active port 4-4 Active Users 2-12, 2-14, 2-20 Add Circuit Address 4-4 Admin Status 2-9 Admin/Link Status 2-9 Ageing T ime 5-3, 5-4 Ageing T imer 2-20 Alignment Errors 2-17 A vg Packet Size 2-16 B Broadcast Packets 2-16 C Change Name/Retries 4-3 Charts and Meters 1-3 Chassis MGR A-1 Circuit Name 4-4 Collisions 2-8, 2-17 color codes [...]

  • Page 88

    Inde x Inde x-2 Info window 2-5 intruder pr otection 6-2 IP Addr ess 2-3 IP Services A-2 L LANVIEWsecure 6-2 on non-secure MIMs 6-5 learnModeChange trap 6-12 learnStateChange trap 6-12 LIM A-2 Link signal 2-6, 2-9 Link Status 2-13 link traps 3-1 Link/Seg T raps 2-4 Load 2-8 Local Management A-2 Location 2-3, 2-10 lock modes 6-3, 6-4 Locking Source [...]

  • Page 89

    Inde x-3 Inde x Set T rap Status For 3-5, 3-6, 5-9, 5-10 Setting Network Circuit Redundancy 4-1 Source Addr ess 2-4 Source Address List 5-1 source addr ess locking 5-5 Source Address T raps 5-8 sourceAddr essT imeout trap 5-7, 6-12 spmarun 3-3, 5-1, 6-2 stand-alone mode 1-3, 2-4 Station 2-15 station ports 5-5, 5-6, 6-3, 6-5 Statistics 2-15, 2-22 ge[...]

  • Page 90

    Inde x Inde x-4[...]