- Computers & electronics
- Software
- Nortel Networks
- Nortel Secure Network Access Switch 4050
- User's manual
Before you begin. Nortel Networks Nortel Secure Network Access Switch 4050
Add to my manuals922 Pages
advertisement
26 Preface
The document provides instructions for initializing and customizing the features using the Command Line Interface (CLI). To learn the basic structure and
operation of the Nortel SNAS 4050 CLI, refer to “CLI reference” on page 803 .
This reference guide provides links to where the function and syntax of each CLI command are described in the document. For information on accessing the CLI,
see “The Command Line Interface” on page 769 .
Security & Routing Element Manager (SREM) is a graphical user interface (GUI) that runs in an online, interactive mode. SREM allows the management of multiple devices (for example, the Nortel SNAS 4050) from one application. To use SREM, you must have network connectivity to a management station running
SREM in one of the supported environments. For instructions on installing and starting SREM, refer to Installing and Using the Security & Routing Element
Manager (320199-A).
Before you begin
This guide is intended for network administrators who have the following background:
• basic knowledge of networks, Ethernet bridging, and IP routing
• familiarity with networking concepts and terminology
• experience with windowing systems or GUIs
• basic knowledge of network topologies
Before using this guide, you must complete the following procedures. For a new switch:
1 Install the switch.
For installation instructions, see Nortel Secure Network Access Switch 4050
Installation Guide (320846-A).
2 Connect the switch to the network.
For more information, see
“The Command Line Interface” on page 769 .
Ensure that you are running the latest version of Nortel SNAS 4050 software. For
.
320818-A
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Related manuals
advertisement
Table of contents
- 1 Nortel Secure Network Access Switch 4050 User Guide
- 5 Contents
- 25 Preface
- 26 Before you begin
- 27 Text conventions
- 28 Related information
- 28 Publications
- 29 Online
- 29 How to get help
- 31 Overview
- 31 The Nortel SNA solution
- 32 Elements of the NSNA solution
- 32 Supported users
- 33 Role of the Nortel SNAS 4050
- 39 Nortel SNAS 4050 clusters
- 40 One-armed and two-armed configurations
- 42 Nortel SNA configuration and management tools
- 43 Nortel SNAS 4050 configuration roadmap
- 49 Initial setup
- 50 Before you begin
- 51 About the IP addresses
- 52 Initial setup
- 52 Setting up a single Nortel SNAS 4050 device or the first in a cluster
- 61 Adding a Nortel SNAS 4050 device to a cluster
- 66 Next steps
- 67 Applying and saving the configuration
- 68 Applying and saving the configuration using the CLI
- 68 Applying and saving the configuration using the SREM
- 71 Managing the network access devices
- 72 Before you begin
- 73 Managing network access devices using the CLI
- 73 Roadmap of domain commands
- 75 Adding a network access device using the CLI
- 79 Deleting a network access device using the CLI
- 80 Configuring the network access devices using the CLI
- 82 Mapping the VLANs using the CLI
- 84 Managing SSH keys using the CLI
- 89 Monitoring switch health using the CLI
- 90 Controlling communication with the network access devices using the CLI
- 91 Managing network access devices using the SREM
- 91 Adding a network access device using the SREM
- 93 Deleting a network access device using the SREM
- 93 Configuring the network access devices using the SREM
- 96 Mapping the VLANs using the SREM
- 102 Managing SSH keys using the SREM
- 111 Monitoring switch health using the SREM
- 113 Viewing a connected client list using the SREM
- 115 Controlling communication with the network access devices using the SREM
- 117 Configuring the domain
- 118 Configuring the domain using the CLI
- 119 Roadmap of domain commands
- 121 Creating a domain using the CLI
- 129 Deleting a domain using the CLI
- 130 Configuring domain parameters using the CLI
- 132 Configuring the TunnelGuard check using the CLI
- 135 Configuring the SSL server using the CLI
- 144 Configuring HTTP redirect using the CLI
- 145 Configuring advanced settings using the CLI
- 146 Configuring RADIUS accounting using the CLI
- 150 Configuring the domain using the SREM
- 151 Creating a domain using the SREM
- 163 Deleting a domain using the SREM
- 164 Configuring domain parameters using the SREM
- 168 Configuring the TunnelGuard check using the SREM
- 174 Configuring the SSL server using the SREM
- 181 Configuring HTTP redirect using the SREM
- 183 Configuring RADIUS accounting using the SREM
- 191 Configuring groups and profiles
- 192 Overview
- 192 Groups
- 194 Linksets
- 194 TunnelGuard SRS rule
- 195 Extended profiles
- 196 Before you begin
- 196 Configuring groups and extended profiles using the CLI
- 197 Roadmap of group and profile commands
- 198 Configuring groups using the CLI
- 201 Configuring client filters using the CLI
- 203 Configuring extended profiles using the CLI
- 206 Mapping linksets to a group or profile using the CLI
- 208 Creating a default group using the CLI
- 208 Configuring groups and extended profiles using the SREM
- 208 Configuring groups using the SREM
- 213 Configuring client filters using the SREM
- 219 Configuring extended profiles using the SREM
- 223 Mapping linksets to a group or profile using the SREM
- 230 Creating a default group using the SREM
- 233 Configuring authentication
- 234 Overview
- 235 Before you begin
- 236 Configuring authentication using the CLI
- 237 Roadmap of authentication commands
- 239 Configuring authentication methods using the CLI
- 241 Configuring advanced settings using the CLI
- 242 Configuring RADIUS authentication using the CLI
- 249 Configuring LDAP authentication using the CLI
- 261 Configuring local database authentication using the CLI
- 267 Specifying authentication fallback order using the CLI
- 269 Configuring authentication using the SREM
- 270 Configuring authentication methods using the SREM
- 271 Configuring RADIUS authentication using the SREM
- 282 Configuring LDAP authentication using the SREM
- 298 Configuring local database authentication using the SREM
- 314 Specifying authentication fallback order using the SREM
- 316 Saving authentication settings
- 317 TunnelGuard SRS Builder
- 318 Configuring SRS rules
- 318 The TunnelGuard user interface
- 319 Menu commands
- 322 SRS definition toolbar
- 323 Software Definition - Available SRS list
- 323 SRS Components table
- 325 Memory snapshot
- 325 TunnelGuard Rule Definition screen
- 327 Managing TunnelGuard rules and expressions
- 327 Creating a software definition
- 328 Adding entries to a software definition
- 333 Creating logical expressions
- 338 Registry-based rules
- 343 Manually creating SRS entries
- 347 File age check
- 348 Adding comments
- 349 Deleting SRS rules and their components
- 351 TunnelGuard support for API calls
- 351 Making API calls
- 353 Managing system users and groups
- 354 User rights and group membership
- 355 Managing system users and groups using the CLI
- 355 Roadmap of system user management commands
- 356 Managing user accounts and passwords using the CLI
- 358 Managing user settings using the CLI
- 359 Managing user groups using the CLI
- 360 CLI configuration examples
- 370 Managing system users and groups using the SREM
- 370 Managing user accounts using the SREM
- 374 Setting password expiry using the SREM
- 376 Changing your password using the SREM
- 377 Changing another user’s password using the SREM
- 379 Setting the certificate export passphrase using the SREM
- 381 Managing user groups using the SREM
- 385 Customizing the portal and user logon
- 386 Overview
- 386 Captive portal and Exclude List
- 389 Portal display
- 397 Managing the end user experience
- 398 Customizing the portal and logon using the CLI
- 398 Roadmap of portal and logon configuration commands
- 401 Configuring the captive portal using the CLI
- 401 Configuring the Exclude List using the CLI
- 402 Changing the portal language using the CLI
- 406 Configuring the portal display using the CLI
- 409 Changing the portal colors using the CLI
- 410 Configuring custom content using the CLI
- 412 Configuring linksets using the CLI
- 414 Configuring links using the CLI
- 417 Customizing the portal and logon using the SREM
- 417 Configuring the captive portal using the SREM
- 420 Changing the portal language using the SREM
- 426 Configuring the portal display using the SREM
- 432 Changing the portal colors using the SREM
- 434 Configuring custom content using the SREM
- 440 Configuring linksets using the SREM
- 445 Configuring links using the SREM
- 457 Configuring system settings
- 459 Configuring the cluster using the CLI
- 460 Roadmap of system commands
- 464 Configuring system settings using the CLI
- 465 Configuring the Nortel SNAS 4050 host using the CLI
- 469 Configuring host interfaces using the CLI
- 471 Configuring static routes using the CLI
- 472 Configuring host ports using the CLI
- 473 Managing interface ports using the CLI
- 474 Configuring the Access List using the CLI
- 475 Configuring date and time settings using the CLI
- 477 Configuring DNS servers and settings using the CLI
- 480 Configuring RSA servers using the CLI
- 481 Configuring syslog servers using the CLI
- 483 Configuring administrative settings using the CLI
- 485 Enabling TunnelGuard SRS administration using the CLI
- 485 Configuring Nortel SNAS 4050 host SSH keys using the CLI
- 488 Configuring RADIUS auditing using the CLI
- 492 Configuring authentication of system users using the CLI
- 495 Configuring the cluster using the SREM
- 496 Configuring system settings using the SREM
- 497 Configuring a Nortel SNAS 4050 host using the SREM
- 508 Configuring host interfaces using the SREM
- 514 Configuring static routes using the SREM
- 520 Configuring host ports using the SREM
- 523 Managing interface ports using the SREM
- 525 Configuring the access list using the SREM
- 528 Managing date and time settings using the SREM
- 532 Configuring DNS settings using the SREM
- 534 Configuring servers using the SREM
- 546 Configuring administrative settings using the SREM
- 547 Configuring SRS control settings using the SREM
- 548 Configuring Nortel SNAS 4050 host SSH keys using the SREM
- 553 Adding an SSH key for a known host using the SREM
- 554 Managing RADIUS audit settings using the SREM
- 562 Managing RADIUS authentication of system users using the SREM
- 569 Managing certificates
- 570 Overview
- 571 Key and certificate formats
- 573 Creating certificates
- 573 Installing certificates and keys
- 574 Saving or exporting certificates and keys
- 574 Updating certificates
- 575 Managing private keys and certificates using the CLI
- 576 Roadmap of certificate management commands
- 577 Managing and viewing certificates and keys using the CLI
- 579 Generating and submitting a CSR using the CLI
- 584 Adding a certificate to the Nortel SNAS 4050 using the CLI
- 587 Adding a private key to the Nortel SNAS 4050 using the CLI
- 588 Importing certificates and keys into the Nortel SNAS 4050 using the CLI
- 591 Displaying or saving a certificate and key using the CLI
- 594 Exporting a certificate and key from the Nortel SNAS 4050 using the CLI
- 596 Generating a test certificate using the CLI
- 597 Managing private keys and certificates using the SREM
- 598 Viewing certificates using the SREM
- 599 Creating a certificate using the SREM
- 601 Generating and submitting a CSR using the SREM
- 603 Importing a certificate or key using the SREM
- 605 Displaying or saving a certificate and key using the SREM
- 607 Exporting a certificate and key from the Nortel SNAS 4050 using the SREM
- 610 Viewing certificate information using the SREM
- 617 Configuring SNMP
- 618 Configuring SNMP using the CLI
- 619 Roadmap of SNMP commands
- 620 Configuring SNMP settings using the CLI
- 621 Configuring the SNMP v2 MIB using the CLI
- 622 Configuring the SNMP community using the CLI
- 623 Configuring SNMPv3 users using the CLI
- 626 Configuring SNMP notification targets using the CLI
- 627 Configuring SNMP events using the CLI
- 631 Configuring SNMP settings using the SREM
- 632 Configuring SNMP using the SREM
- 634 Configuring SNMP targets using the SREM
- 640 Configuring SNMPv3 users using the SREM
- 647 Configuring SNMP events using the SREM
- 659 Viewing system information and performance statistics
- 660 Viewing system information and performance statistics using the CLI
- 660 Roadmap of information and statistics commands
- 661 Viewing system information using the CLI
- 666 Viewing alarm events using the CLI
- 667 Viewing log files using the CLI
- 667 Viewing AAA statistics using the CLI
- 670 Viewing all statistics using the CLI
- 670 Viewing system information and performance statistics using the SREM
- 670 Viewing local information using the SREM
- 672 Viewing cluster information using the SREM
- 698 Viewing AAA statistics using the SREM
- 716 Viewing Ethernet statistics using the SREM
- 723 Maintaining and managing the system
- 724 Managing and maintaining the system using the CLI
- 725 Roadmap of maintenance and boot commands
- 726 Performing maintenance using the CLI
- 730 Backing up or restoring the configuration using the CLI
- 733 Managing Nortel SNAS 4050 devices using the CLI
- 734 Managing software for a Nortel SNAS 4050 device using the CLI
- 736 Managing and maintaining the system using the SREM
- 736 Performing maintenance using the SREM
- 742 Backing up or restoring the configuration using the SREM
- 743 Managing Nortel SNAS 4050 devices and software using the SREM
- 752 Downloading files using the SREM
- 754 Running Nortel SNAS 4050 diagnostics using the SREM
- 757 Upgrading or reinstalling the software
- 757 Upgrading the Nortel SNAS 4050
- 758 Performing minor and major release upgrades
- 760 Activating the software upgrade package
- 763 Reinstalling the software
- 763 Before you begin
- 765 Reinstalling the software from an external file server
- 767 Reinstalling the software from a CD
- 769 The Command Line Interface
- 770 Connecting to the Nortel SNAS 4050
- 770 Establishing a console connection
- 772 Establishing a Telnet connection
- 773 Establishing a connection using SSH
- 775 Accessing the Nortel SNAS 4050 cluster
- 777 CLI Main Menu or Setup
- 777 Command line history and editing
- 777 Idle timeout
- 779 Configuration example
- 779 Scenario
- 782 Steps
- 782 Configure the network DNS server
- 783 Configure the network DHCP server
- 789 Configure the network core router
- 790 Configure the Ethernet Routing Switch 8300 using the CLI
- 793 Configure the Ethernet Routing Switch 5510
- 795 Configure the Nortel SNAS 4050
- 803 CLI reference
- 804 Using the CLI
- 804 Global commands
- 806 Command line history and editing
- 807 CLI shortcuts
- 810 Using slashes and spaces in commands
- 810 IP address and network mask formats
- 811 Variables
- 812 CLI Main Menu
- 812 CLI command reference
- 814 Information menu
- 815 Statistics menu
- 816 Configuration menu
- 835 Boot menu
- 836 Maintenance menu
- 837 Troubleshooting
- 837 Troubleshooting tips
- 838 Cannot connect to the Nortel SNAS 4050 using Telnet or SSH
- 841 Cannot add the Nortel SNAS 4050 to a cluster
- 841 Cannot contact the MIP
- 843 The Nortel SNAS 4050 stops responding
- 844 A user password is lost
- 845 A user fails to connect to the Nortel SNAS 4050 domain
- 845 Trace tools
- 847 System diagnostics
- 847 Installed certificates
- 847 Network diagnostics
- 849 Active alarms and the events log file
- 849 Error log files
- 851 Syslog messages
- 851 Syslog messages by message type
- 852 Operating system (OS) messages
- 853 System Control Process messages
- 857 Traffic Processing Subsystem messages
- 860 Start-up messages
- 861 AAA subsystem messages
- 863 NSNAS subsystem messages
- 865 Syslog messages in alphabetical order
- 875 Supported MIBs
- 875 Supported MIBs
- 879 Supported traps
- 881 Supported ciphers
- 883 Adding User Preferences attribute to Active Directory
- 883 Install All Administrative Tools (Windows 2000 Server)
- 883 Register the Schema Management dll (Windows Server 2003)
- 884 Add the Active Directory Schema Snap-in (Windows 2000 Server and Windows Server 2003)
- 886 Permit write operations to the schema (Windows 2000 Server)
- 887 Create a new attribute (Windows 2000 Server and Windows Server 2003)
- 888 Create the new class
- 891 Configuring DHCP to auto-configure IP Phones
- 892 Configuring IP Phone auto-configuration
- 892 Creating the DHCP options
- 896 Configuring the Call Server Information and VLAN Information options
- 899 Setting up the IP Phone
- 901 Using a Windows domain logon script to launch the Nortel SNAS 4050 portal
- 901 Configuring the logon script
- 902 Creating a logon script
- 902 Creating the script as a batch file
- 903 Creating the script as a VBScript file
- 903 Assigning the logon script
- 905 Software licensing information
- 911 Index