Home » Netgear Manuals » Hubs & Switches » Netgear XCM89UP » Manual Viewer

Netgear XCM89UP Web Management User Guide - Page 406

Authentication List Configuration, Login Authentication List

Add to My Manuals
Save this manual to your list of manuals

Page 406 highlights

M6100 Web Management User Guide 4. Use Key String to specify the authentication and encryption key for TACACS communications between the device and the TACACS server. The valid range is 0-128 characters. The key must match the key used on the TACACS server. 5. Use Connection Timeout to specify the amount of time that passes before the connection between the device and the TACACS server time out. The range is between 1-30. 6. Click Add to add a new server to the switch. This button is only available to READWRITE users. These changes will not be retained across a power cycle unless a save is performed. 7. Click Delete to delete the selected server from the configuration. Authentication List Configuration The Authentication List link contains links to the following pages: • Login Authentication List on page 406 • Enable Authentication List on page 407 • Dot1x Authentication List on page 408 • HTTP Authentication List on page 409 • HTTPS Authentication List on page 410 Login Authentication List You use this page to configure login lists. A login list specifies the authentication method(s) you want to be used to validate switch or port access for the users associated with the list. The pre-configured users, admin and guest, are assigned to a pre-configured list named defaultList, which you cannot delete. All newly created users are also assigned to the defaultList until you specifically assign them to a different list. Two default lists are present: DefaultList and networkList. To display the Login Authentication List page, click Security > Management Security > Authentication List > Login Authentication List. 1. List Name - If you are creating a new login list, enter the name you want to assign. It can be up to 15 alphanumeric characters long and is not case sensitive. 2. Use the menu to select the method that should appear first in the selected authentication login list. If you select a method that does not time out as the first method, such as 'local', no other method will be tried, even if you have specified more than one method. The options are: • Enable- the privileged EXEC password will be used for authentication. • Line- the line password will be used for authentication. Managing Device Security 406

Section	Page
M6100 Web Management User Guide	1
Contents	3
1. Getting Started	9
Switch Management Interface	9
Web Access	9
Understanding the User Interfaces	10
Using the Web Interface	10
Using SNMP	14
Interface Naming Convention	15
2. Configuring System Information	16
Management	16
System Information	17
System CPU Status	22
Switch Statistics	24
USB Device Information	27
Loopback Interface	29
Network Interface	30
Time	37
DNS	43
SDM Template Preference	45
Green Ethernet Configuration	47
Device View	55
Services	55
DHCP Server	55
DHCP Relay	64
DHCP L2 Relay	65
UDP Relay	67
DHCPv6 Server	70
DHCPv6 Relay	78
Chassis	79
Basic Chassis Configuration	79
Advanced Chassis Configuration	82
NSF	92
PoE	94
Basic	94
Advanced	96
SNMP	99
SNMP V1/V2	99
SNMP V3	104
LLDP	105
LLDP	105
LLDP-MED	113
ISDP	121
Basic	121
Advanced	122
Timer Schedule	126
Timer Global Configuration	126
Timer Schedule Configuration	127
3. Configuring Switching Information	130
VLANs	130
Basic	131
Advanced	132
Auto-VoIP	144
Protocol-based	144
OUI-based	145
iSCSI	148
iSCSI Global Configuration	148
iSCSI Sessions	150
iSCSI Targets Configuration	150
iSCSI Sessions Detailed	151
Spanning Tree Protocol	152
Basic	152
Advanced	154
Multicast	166
MFDB	167
IGMP Snooping	168
MLD Snooping	176
MVR Configuration	182
Basic	183
Advanced	184
Address Table	188
Basic	188
Advanced	189
Ports	192
Port Configuration	192
Port Description	194
Port Transceiver	195
Link Aggregation Groups	196
LAG Configuration	197
LAG Membership	198
Multiswitch Link Aggregation Group	200
Virtual Port Channel Global Configuration	200
Virtual Port Channel Interface Configuration	204
Virtual Port Channel Interface Details	205
Virtual Port Channel Keepalive Statistics	207
Virtual Port Channel Peer Link Statistics	208
4. Routing	211
Routing Table	211
Basic	211
Advanced	213
IP	217
Basic	217
Advanced	223
IPv6	233
IPv6 Basic	233
IPv6 Advanced	235
VLAN	249
VLAN Routing Wizard	249
VLAN Routing Configuration	250
ARP	251
Basic	252
Advanced	252
RIP	256
Basic RIP Configuration	256
Advanced RIP Configuration	256
OSPF	262
Basic OSPF Configuration	262
Advanced OSPF Configuration	263
OSPFv3	294
Basic OSPFv3 Configuration	294
Advanced OSPFv3 Configuration	295
Router Discovery	321
Virtual Router Redundancy Protocol	322
Basic VRRP Configuration	322
Advanced VRRP Configuration	323
Multicast	330
Multicast Mroute Table	331
Multicast Global Configuration	332
Multicast Interface Configuration	333
Multicast DVMRP	333
Multicast IGMP	339
Multicast PIM	347
Multicast Static Routes Configuration	353
Multicast Admin Boundary Configuration	353
IPv6 Multicast	354
IPv6 Multicast Mroute Table	354
IPv6 Multicast PIM	355
IPv6 Multicast MLD	361
IPv6 Multicast Static Routes Configuration	369
5. Configuring Quality of Service	370
Class of Service	370
Basic	371
Advanced	372
Differentiated Services	378
DiffServ Wizard	379
Basic	380
Advanced	382
6. Managing Device Security	395
Management Security Settings	395
Local User	395
Enable Password Configuration	397
Line Password Configuration	398
RADIUS	399
TACACS	404
Authentication List Configuration	406
Login Sessions	411
Configuring Management Access	411
HTTP	411
HTTPS	413
SSH	416
Telnet	419
Console Port	421
Denial of Service Configuration	422
Access Control	424
Port Authentication	427
Basic	427
Advanced	429
Traffic Control	436
MAC Filter	437
Port Security	439
Private Group	442
Protected Ports Configuration	444
Private VLAN	444
Storm Control	448
Control	451
DHCP Snooping	451
IP Source Guard	455
Dynamic ARP Inspection	457
Captive Portal	461
Configuring Access Control Lists	471
ACL Wizard	471
Basic	474
Advanced	479
7. Monitoring the System	496
Ports	496
Port Statistics	496
Port Detailed Statistics	498
EAP Statistics	504
Cable Test	505
Logs	506
Buffered Logs	506
Command Log Configuration	508
Console Log Configuration	508
Syslog Configuration	509
Trap Logs	510
Event Logs	511
Persistent Logs	512
Mirroring	513
Multiple Port Mirroring	513
sFlow	515
Basic	515
Advanced	516
8. Maintenance	519
Save Configuration	519
Save Configuration	519
Auto Install Configuration	520
Reset	520
Device Reboot	520
Power Cycle	521
Factory Default	521
Password Reset	522
Upload File From Switch	522
File Upload	523
HTTP File Upload	524
USB File Upload	525
Download File To Switch	526
File Download	526
HTTP File Download	528
USB File Download	530
File Management	530
Copy	531
Dual Image Configuration	531
Troubleshooting	532
Ping IPv4	532
Ping IPv6	534
Traceroute IPv4	535
Traceroute IPv6	537
Full Memory Dump	538
9. Help	540
Registration	540
Online Help	540
Support	540
User Guide	541
A. Default Settings	542
B. Configuration Examples	545
Virtual Local Area Networks (VLANs)	545
VLAN Example Configuration	546
Access Control Lists (ACLs)	547
MAC ACL Example Configuration	548
Standard IP ACL Example Configuration	549
Differentiated Services (DiffServ)	550
Class	550
DiffServ Traffic Classes	551
Creating Policies	551
DiffServ Example Configuration	552
802.1X	554
802.1X Example Configuration	555
MSTP	556
MSTP Example Configuration	558

Match case Limit results 1 per page

Managing Device Security

406

M6100 Web Management User Guide

Use

Key String

to specify the authentication and encryption key for TACACS

communications between the device and the TACACS server. The valid range is 0-128

characters. The key must match the key used on the TACACS server.

Use

Connection Timeout

to specify the amount of time that passes before the connection

between the device and the TACACS server time out. The range is between 1-30.

Click

Add

to add a new server to the switch. This button is only available to READWRITE

users. These changes will not be retained across a power cycle unless a save is performed.

Click

Delete

to delete the selected server from the configuration.

Authentication List Configuration

The Authentication List link contains links to the following pages:

•

on page

406

•

Enable Authentication List

on page

407

•

Dot1x Authentication List

on page

408

•

HTTP Authentication List

on page

409

•

HTTPS Authentication List

on page

410

You use this page to configure login lists. A login list specifies the authentication method(s)

you want to be used to validate switch or port access for the users associated with the list.

The pre-configured users, admin and guest, are assigned to a pre-configured list named

defaultList, which you cannot delete. All newly created users are also assigned to the

defaultList until you specifically assign them to a different list.

Two default lists are present: DefaultList and networkList.

To display the Login Authentication List page, click

Security > Management Security >

Authentication List > Login Authentication List

List Name

- If you are creating a new login list, enter the name you want to assign. It

can be up to 15 alphanumeric characters long and is not case sensitive.

Use the menu to select the method that should appear first in the selected authentication

other method will be tried, even if you have specified more than one method. The options

are:

•

Enable

- the privileged EXEC password will be used for authentication.

•

Line

- the line password will be used for authentication.