Use the Add Port Profiles page in the Customer Portal to create port profiles. The Add Port Profiles page provides the step-by-step procedure to create a port profile. You create a port profile by assigning an authentication profile, a firewall filter for the ingress traffic, a firewall filter for the egress traffic, and configuring port parameters.
To add a port profile:
The Port Profiles page appears.
The Add Port Profile wizard appears. The wizard provides step-by-step procedures to create the port profile.
Note Fields marked with * are mandatory.
The Port profile is created. You are returned to the Port Profiles page where a confirmation message is displayed.
After you create a port profile, you can deploy the port profile on one or more ports of the switch . See Deploy a Port Profile.
Table 219: Port Profile Settings
Setting | Guideline |
---|---|
General | |
Profile Name | Enter a unique name for the port profile which can contain only alphanumeric characters and hyphen (-); 32-characters maximum. |
Profile Description | Enter a description for the port profile. |
Basic Settings | |
Port Mode | Select whether the port should be configured as a trunk port or an access port:
|
Port Authentication Settings | |
Authentication Profile | Select an authentication profile to be used in the port profile. An authentication profile defines the authentication method and other parameters related to communication between the switch and the supplicant. You must configure the authentication profiles before attempting to use it in the port profile. To add an authentication profile, see Add Authentication Profiles. If you select None (default), no authentication profile is associated with the port profile. You can use this option when you do not want 802.1x authentication to be configured on a port. |
Firewall Filter | |
Firewall Filter Profile (Ingress) | Select a firewall filter profile to be used for the ingress traffic. You must have configured the firewall filter before attempting to use it in the port profile. To configure a Firewall filter, see Add Firewall Filters. |
Firewall Filter Profile (Egress) | Select a firewall filter profile to be used for the egress traffic. You must have configured the firewall filter before attempting to use it in the port profile. To configure a Firewall filter, see Add Firewall Filters. |
Advanced Settings | |
Link Settings | Click to enable or disable (default) link settings on a port. If you disable this setting, the port uses the default configurations for auto negotiation, flow control, MTU, speed, and link mode. Enable this option to modify the default configuration. |
Auto Negotiation | Click to enable (default) or disable autonegotiation on the port. Auto negotiation enables a port to determine the data transmission speed and the duplex mode based on the speed and duplex mode of the peer port. If you have enabled autonegotiation and also configured link mode and speed, the ports use the configured values for link mode and speed. If you disable autonegotiation, you must configure values for link mode and speed. |
Flow Control | Click to enable (default) or disable flow control on a port. Flow control enables a port to regulate network traffic so that there is no data loss during congestion. If you disable flow control, you lose data during congestion. |
MTU | Enter the size (in bytes) of the maximum transmission unit (MTU) that can be transmitted through a port. Range: 256 to 9216 bytes Default: 1514 bytes |
Speed | Select the maximum transmission speed of a port. If you enable auto-negotiation and also select a value for speed, the port considers the value configured here for transmission speed. Default: 1G |
Link Mode | Select the mode of the links configured on a port:
If you enable autonegotiation and also select a value for link mode, the port considers the value configured here for the operating mode of the links established on the port. |
Storm Control Settings | Click to enable or disable (default) storm control settings on a port. If you disable this setting, the port uses the defalt value for storm control. Enable this option to modify the default storm control value. |
Storm Control | For all traffic combined, enter the bandwidth (in kbps) or the percentage of the bandwidth, beyond which a port can drop packets. Also, select whether the value you enter indicates the percentage or the bandwidth, from the drop-down list. The default unit is percentage. Range: For bandwidth, 100 through 100,000,000 kbps. For percentage, 1 through 100 Default: 80 percent |
Power over Ethernet (PoE) Settings | Click to enable or disable (default) PoE on a port. If you disable this setting, the default PoE setting is configured on a port when you deploy the profile on the port. Enable this option to modify the default PoE settings. |
Maximum Power | Enter the maximum power (in watts) that a port can provide. Range: 1 through 90 watts Default: 30 watts. |
Priority | Select a priority (Low or High) for a port to be used as a source for powering a device connected to the port. If power is insufficient for all PoE ports, the PoE power to low-priority ports is shut down before power to high-priority ports is shut down. Among ports that have the same assigned priority, the power priority is determined by port number, with lower-numbered ports having higher priority. Default: Low |
Port Security Settings | Click to enable or disable (default) security on a port. If you disable this setting, the default port security is configured on a port when you deploy the profile on the port. Enable this option to modify the default settings. |
Trust DHCP | Click to enable (default) or disable trusting traffic from a DHCP server. If you disable this option, the port drops packets sent to and received from a DHCP server. |
MAC Limit | Click to enable or disable (default) setting the maximum number of MAC addresses that can be stored in the MAC table for a port. If you enable MAC Limit, you must configure a value for MAC limit and MAC limit action. If you disable this option, you cannot limit the MAC addresses that are learnt within a VLAN and therefore, enforce security against flooding of the Ethernet switching table. |
MAC Limit | Enter the maximum number of MAC addresses that a switch can store in the MAC table for a port. Range: 1 through 10,000 Default: 1 |
MAC Limit Action | Select the action a port must take when the number of entries in the port MAC table reaches the MAC limit value:
|