Chapter 5: Using the Web-based Utility for Configuration
24-Port 10/100/1000 Gigabit Switch with Webview and PoE
Security Tab - HTTPS Settings
You can configure the Switch to enable the Secure Hypertext Transfer Protocol (HTTPS) over the Secure Socket
Layer (SSL), providing secure access (that is, an encrypted connection) to the Switch’s web interface.
To enable HTTPS, select HTTPS Status and specify the port number.
Click Save Settings to save the changes.
Security Tab - Management ACL
You can create a list of up to 16 IP addresses or IP address groups that are allowed access to
the Switch through the web interface, SNMP, or Telnet.
The management interfaces are open to all IP addresses by default. Once you add an entry to a filter list, access
to that interface is restricted to the specified addresses. If anyone tries to access a management interface on the
Switch from an invalid address, the Switch will reject the connection, enter an event message in the system log,
and send a trap message to the trap manager.
IP addresses can be configured for web, SNMP, and Telnet access. Each of these groups can include up to five
different sets of addresses, either individual addresses or address ranges. When entering addresses for the same
group (i.e., SNMP, web or Telnet), the Switch will not accept overlapping address ranges. When entering
addresses for different groups, the Switch will accept overlapping address ranges.
You cannot delete an individual address from a specified range. You must delete the entire range, and reenter the
addresses. You can delete an address range just by specifying the start address, or by specifying both the start
address and end address.
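The rules above can be checked before an address plan is typed into the Management ACL screen. The following is an added example, not part of the manual or the Switch firmware: it assumes IPv4 addresses, uses constructed sample addresses, and its function names are hypothetical. It rejects overlaps inside one group, accepts overlaps across groups, and reports any interface whose list is empty and therefore still open to every address.

```python
import ipaddress

GROUPS = ("web", "snmp", "telnet")
MAX_SETS_PER_GROUP = 5  # the manual's limit on address sets per group

# Constructed sample plan: each entry is (start,) or (start, end).
SAMPLE_ACL = {
    "web": [("192.168.1.10",), ("192.168.1.20", "192.168.1.30")],
    "snmp": [("192.168.1.0", "192.168.1.255")],  # overlaps "web": accepted
    "telnet": [],  # no entries: this interface stays open to every address
}

def parse_range(start, end=None):
    """Return (low, high) as IPv4Address objects; one address is a range of one."""
    low = ipaddress.IPv4Address(start)
    high = ipaddress.IPv4Address(end) if end else low
    if high < low:
        raise ValueError(f"end {high} is below start {low}")
    return low, high

def validate_acl(acl):
    """List the entries that break the per-group rules described above."""
    problems = []
    for group, entries in acl.items():
        if group not in GROUPS:
            problems.append(f"{group}: unknown group")
            continue
        if len(entries) > MAX_SETS_PER_GROUP:
            problems.append(f"{group}: more than {MAX_SETS_PER_GROUP} address sets")
        widest = None  # range with the highest end address seen so far
        for low, high in sorted(parse_range(*e) for e in entries):
            if widest and low <= widest[1]:
                problems.append(f"{group}: {low}-{high} overlaps {widest[0]}-{widest[1]}")
            if widest is None or high > widest[1]:
                widest = (low, high)
    return problems

def is_allowed(acl, group, address):
    """Model the filter: an empty list is open to all, otherwise match a range."""
    entries = acl.get(group, [])
    if not entries:
        return True
    ip = ipaddress.IPv4Address(address)
    return any(low <= ip <= high for low, high in (parse_range(*e) for e in entries))

def open_groups(acl):
    """Management interfaces left unrestricted because their list is empty."""
    return [g for g in GROUPS if not acl.get(g)]
```

In the sample plan, restricting web and SNMP leaves Telnet reachable from any address until it receives at least one entry of its own.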
Figure 5-32: Security - Management ACL
Figure 5-31: Security - HTTPS Settings
Downloaded from
www.Manualslib.com
manuals search engine
Security Tab - SSH Settings
The Secure Shell (SSH) includes server/client applications that can provide remote management access to the
Switch and act as a secure replacement for Telnet.
When the client contacts the Switch through the SSH protocol, the Switch generates a public key that the client
uses along with a local user name and password for access authentication. SSH also encrypts all data transfers
passing between the Switch and SSH-enabled management station clients, and ensures that data traveling over
the network arrives unaltered.
Note that you need to install an SSH client on the management station to access the Switch for management
through the SSH protocol. The Switch supports both SSH Version 1.5 and 2.0.
SSH Server Status. Allows you to enable/disable the SSH server on the Switch. (Default: Disabled)
Version. The Secure Shell version number. Version 2.0 is displayed, but the Switch supports management access
via either SSH Version 1.5 or 2.0 clients.
SSH Authentication Timeout. Specifies the time interval in seconds that the SSH server waits for a response from
a client during an authentication attempt. (Range: 1-120 seconds; Default: 120 seconds)
SSH Authentication Retries. Specifies the number of authentication attempts that a client is allowed before
authentication fails and the client has to restart the authentication process. (Range: 1-5 times; Default: 3)
SSH Server-Key Size. Specifies the SSH server key size. The server key is a private key that is never shared
outside the Switch. The host key is shared with the SSH client, and is fixed at 1024 bits. (Range: 512-896 bits;
Default: 768)
Figure 5-33: Security - SSH Settings
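Because the Switch accepts both SSH Version 1.5 and 2.0 clients, an inventory of management devices may need to record which ones still accept Version 1. The following is an added example, not part of the manual: it classifies the identification line an SSH server sends first, and assumes the device follows the RFC 4253 convention of announcing 1.99 when it accepts both versions. The device names and banners are constructed.

```python
import re
import socket

# Identification line format from RFC 4253: SSH-protoversion-softwareversion
_IDENT = re.compile(r"^SSH-(\d+)\.(\d+)-\S+")

# Constructed sample banners keyed by hypothetical device name.
SAMPLE_BANNERS = {
    "switch-a": "SSH-1.99-ExampleSwitch_1.0\r\n",
    "switch-b": "SSH-2.0-ExampleSwitch_2.0\r\n",
    "switch-c": "SSH-1.5-ExampleSwitch_0.9\n",
    "printer": "220 example FTP ready\r\n",
}

def classify_banner(line):
    """Map an identification line to the protocol versions the server offers."""
    m = _IDENT.match(line.strip())
    if not m:
        return "not-ssh"
    version = (int(m.group(1)), int(m.group(2)))
    if version == (1, 99):
        return "v1-and-v2"  # compatibility mode: accepts both generations
    if version[0] == 1:
        return "v1-only"
    if version[0] == 2:
        return "v2-only"
    return "unknown"

def accepts_ssh1(banners):
    """Names of devices whose banner shows they still accept Version 1 clients."""
    flagged = ("v1-only", "v1-and-v2")
    return sorted(n for n, line in banners.items() if classify_banner(line) in flagged)

def read_banner(host, port=22, timeout=5.0):
    """Fetch the identification line from a device you administer."""
    with socket.create_connection((host, port), timeout=timeout) as conn:
        lines = conn.recv(255).decode("ascii", errors="replace").splitlines()
        return lines[0] if lines else ""
```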
SSH Host-Key Settings
A host public/private key pair is used to provide secure communications between an SSH client and the Switch.
After generating this key pair, you must provide the host public key to SSH clients and import the client’s public
key to the Switch.
Public-Key of Host-Key. The public key for the host.
RSA (Version 1): The first field indicates the size of the host key (e.g., 1024), the second field is the encoded
public exponent (e.g., 65537), and the last string is the encoded modulus.
DSA (Version 2): The first field indicates that the encryption method used by SSH is based on the Digital
Signature Standard (DSS). The last string is the encoded modulus.
Host-Key Type. The key type used to generate the host key pair (i.e., public and private keys). (Range: RSA
(Version 1), DSA (Version 2), Both; Default: RSA) The SSH server uses RSA or DSA for key exchange when the
client first establishes a connection with the Switch, and then negotiates with the client to select either
DES (56-bit) or 3DES (168-bit) for data encryption.
Save Host-Key from Memory to Flash. Saves the host key from RAM (volatile memory) to flash memory.
Otherwise, the host key pair is stored to RAM by default. Note that you must select this item prior to generating
the host-key pair.
Generate. This button is used to generate the host key pair. Note that you must first generate the host key pair
before you can enable the SSH server.
Clear. This button clears the host key from both volatile memory (RAM) and non-volatile memory (Flash).
Figure 5-34: Security - SSH Host-Key Settings
QoS Tab
Network traffic is usually unpredictable, and the only basic assurance that can be offered is best effort traffic
delivery. To overcome this challenge, Quality of Service (QoS) is applied throughout the network. This ensures that
network traffic is prioritized according to specified criteria, and that specific traffic receives preferential
treatment.
CoS provides varying Layer 2 traffic services. CoS refers to classification of traffic to traffic-classes, which are
handled as an aggregate whole, with no per-flow settings. CoS is usually related to the 802.1p service that
classifies flows according to their Layer 2 priority, as set in the VLAN header.
QoS refers to Layer 2 traffic and above. QoS handles per-flow settings, even within a single traffic class.
QoS Tab - CoS Settings
Class of Service (CoS) allows you to specify which data packets have greater precedence when traffic is buffered
in the Switch due to congestion. The Switch supports CoS with four priority queues for each port. Data packets in
a port’s high-priority queue will be transmitted before those in the lower-priority queues. You can set the default
priority for each interface, and configure the mapping of frame priority tags to the Switch’s priority queues. The
priority levels recommended in the IEEE 802.1p standard for various network applications are shown in the
following table. However, you can map the priority levels to the Switch’s output queues in any way that benefits
application traffic for your own network.
The CoS Settings screen contains fields for enabling or disabling CoS. In addition, the Trust mode can be selected.
The Trust mode relies on predefined fields within the packet to determine the egress queue settings.
Priority Level    Traffic Type
1                 Background
2                 (Spare)
0 (default)       Best Effort
3                 Excellent Effort
4                 Controlled Load
5                 Video, less than 100 milliseconds latency and jitter
6                 Voice, less than 10 milliseconds latency and jitter
7                 Network Control
Figure 5-35: QoS - CoS Settings
CoS to Queue
Assign priorities to the traffic classes (output queues) for the selected interface.
Class of Service. CoS value. (Range: 0-7, where 7 is the highest priority queue)
Queue (0-3). The output priority queue. (Range: 0-3, where 3 is the highest CoS priority queue)
Port to CoS
Modify the default priority for any interface using the text field provided.
Default CoS (0-7). The priority that is assigned to untagged frames received on the interface. (Range: 0-7, where
7 is the highest priority)
LAG. Indicates if ports are members of a LAG. To configure the default priority for LAGs, go to the table entry for
the LAG number, which is listed after port g24 at the end of the table.
Default settings can be restored using the Restore Defaults button.
Click Save Settings to save the changes.
QoS Tab - Queue Settings
The Queue Setting screen contains fields for defining the QoS queue forwarding types.
Queue. Displays the queue for which the queue settings are displayed. The possible field range is 1 - 4.
Strict Priority. Indicates that traffic scheduling for the selected queue is based strictly on the queue priority.
WRR. Indicates that traffic scheduling for the selected queue is based strictly on the WRR.
WRR Weight. Displays the WRR weights to queues.
% of WRR Bandwidth. Displays the amount of bandwidth assigned to the queue. These values are fixed and are
not user defined.
Figure 5-36: QoS - Queue Settings