Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Creating and Managing Device Common Settings

    Use the Manage Device Common Settings page to create new device common settings for switching and wireless devices and to manage the existing device common settings.

    This topic describes:

    Managing Device Common Settings

    From the Manage Device Common Settings page, you can:

    • Create a new Device Common Settings profile by clicking Add. For directions, see Creating a Device Common Settings Profile.
    • Modify an existing Device Common Settings profile by selecting it and clicking Edit.
    • Assign a Device Common Settings profile to a device by selecting a profile and clicking Assign. For directions, see Assigning Device Common Settings to Devices.
    • Modify an existing assignment of a Device Common Settings profile by selecting the profile and clicking Edit Assignment.
    • View information about a Device Common Settings profile by either double-clicking the profile name or by selecting the profile and clicking Details.
    • Delete a Device Common Settings profile by selecting a profile and clicking Delete.

      Tip: You cannot delete common settings profiles that are in use—that is, assigned to devices or used by other profiles. To see the current assignments for a profile, select the profile and click Details.

    • Clone a Device Common Settings profile by selecting a profile and clicking Clone.

    Table 1 describes the device information available on the Manage Device Common Settings page. This page lists all Device profiles defined for your network, regardless of your current selected scope in the network view.

    Table 1: Manage Device Common Settings Settings

    Field Name

    Action

    Profile Name

    Name given to the profile when the profile was created.

    Family Type

    The device family; EX Series switch, Campus Switching ELS, wireless LAN controller (WLC), Data Center Switching.

    Description

    Description of the Device profile entered when the profile was created.

    Assignment State

    Displays the assignment state of the profile. A profile can be:

    • Unassigned—When the profile is not assigned to any device
    • Deployed—When the profile is assigned to a device and is deployed from Deploy mode
    • Pending Deployment—When the profile is assigned to a device, but not yet deployed in the network. For deployment directions, see Deploying Configuration to Devices.

    Assigned to

    Displays the number of devices to which the profile assignment is done.

    Creation Time

    Date and time when the profile was created.

    Last Updated Time

    Date and time when the profile was last modified.

    User Name

    The username of the person who created or modified the profile.

    Tip: All columns might not be displayed. To show or hide fields listed in the Manage Authorization Profiles table, click the down arrow on the field header, select Columns, and select or clear the check box adjacent to the field that you want to show or hide.

    Creating a Device Common Settings Profile

    In Network Director, as an administrator, you can configure Device Common Settings profiles by using the Create Device Profile page for either switches or wireless LAN controllers. You can view the summary of the configurations before saving the Device profile.

    At minimum, you must specify the Device profile and profile name in the workflow. You can include additional configuration such as:

    • Device users
    • Management services
    • Multicast, spanning-tree protocol (STP)
    • Domain Name Server
    • DHCP servers, DHCP Relay servers, Login Banner, and Global PoE settings for switches

    You can create profiles on the basis of the device family and each Device profile is specific to a device family. After you create a Device profile, you assign the profiles to different devices.

    Note: You can assign only one profile to a device. However, you can assign the same profile to multiple devices.

    To create a Device profile:

    1. Under Views, select one of these options: Logical View, Location View, Device View or Custom Group View.

      Tip: Do not select Dashboard View, Datacenter View, or Topology View.

    2. Click in the Network Director banner.
    3. From the Tasks pane, select the type of network (Wired or Wireless), the appropriate functional area (Wired or Wireless), and select the name of the profile that you want to create. For example, to create a RADIUS profile for a wireless device, click Wireless > Profiles > RADIUS. The appropriate Manage Profile page opens.
    4. Click Add to add a new profile.

      If you chose to create a profile for the wired network, Network Director opens the Device Family Chooser window.

      1. From the Device Family Chooser, select the device family for which you want to create a profile. The available device families are Switching (EX), Campus Switching ELS (Enhanced Layer 2 Software), Data Center Switching Non-ELS and Data Center Switching ELS.
      2. Click OK.

        The Create Device Common Settings wizard for the selected device family is displayed. It consists of four sections, Basic Settings, Management Settings, Protocol Settings, and Review.

      If you chose to create a profile for the wireless network, Network Director opens the Create Device Common Settings for Wireless wizard.

    5. Specify the basic settings. Complete the Basic Setting wizard page as described in both the online help and in Specifying Basic Settings for Device Common Settings.
    6. When you have completed the basic settings, either click Next or click Management Settings at the top of the wizard window.
    7. Complete the Management Settings described in both the online help and in the sections Specifying Management Settings for EX Switching Device Common Settings, Specifying Management Settings for Wireless Device Common Settings, Specifying Management Settings for Campus Switching ELS Device Common Settings, Specifying Management Settings for Data Center Non-ELS Device Common Settings and Specifying Management Settings for Data Center ELS Device Common Settings.
    8. When you have completed the management settings, click Next.
    9. Complete the protocol settings as described both online help and in the sections Specifying Protocol Settings for EX Switching Device Common Settings, Specifying DNS Settings for Wireless Device Common Settings, Specifying DHCP Relay/DNS Settings for Campus Switching ELS Device Common Settings, Specifying Protocol Settings for Data Center Switching Non-ELS Device Common Settings and Specifying Protocol Settings for Data Center Switching ELS Device Common Settings
    10. When you have completed the protocol settings, either click Next or click Review at the top of the wizard window.
    11. You can either save your profile or make changes to your profile from the Review page. For more information, see Reviewing and Saving a Device Common Settings Configuration.
    12. Click Finish to save the Device profile configuration.

      The system saves the Device profile and displays the Manage Device Common Settings page. Your new or modified Device profile is listed in the table.

    Specifying Basic Settings for Device Common Settings

    To configure the basic settings for any Device Common Settings profile, enter the settings described in Table 2. Mandatory settings are indicated by a red asterisk (*) that appears next to the field label in the user interface.

    Table 2: Device Profile Basic Settings

    Field

    Action

    Profile Name

    Type a name for the profile.

    You can use up to 32 characters for profiles created for wireless devices. Profile name must not contain special characters or spaces. Note that profiles that are automatically created by Network Director as part of device discovery or out-of-band changes might contain the underscore (_) character.

    Description

    Type a description of the profile containing up to 256 characters.

    Login Banner for EX Series switches, Campus Switching ELS, and Data Center Switching

    Enter the banner text—this text is displayed in the banner when you log in to the device.

    Country Code for wireless LAN controllers only

    Select the country code for the wireless LAN controllers. Country code settings are required on the primary wireless seed controller.

    Tip: Do not set the country code if you plan to provision the Device profile for active secondary and member nodes that will be part of a cluster.

    AP Security Mode for wireless LAN controllers only

    You can indicate that access point security is Required, Optional, or None.

    Device Users

    Task: Add a Device User

    To add a device user:

    1. Click Add under Device Users.

      The Add User window opens.

    2. Provide a username and password. Confirm the password. Enter a combination of 6 through 128 alphanumeric characters and special characters. The password is case sensitive and must be a combination of at least two different types of characters or a combination of upper case and lower case letters.

      Tip: Do not create a user with the name root.

    3. Select a role for the user:
      • For switches, the role options are: Operator, Read-only, Super-user, or Unauthorized. Operators have clear, network, reset, trace, and view privileges. Super-Users have all privileges.
      • For wireless controllers, the role options are: Framed, Administrative, or NAS-Prompt. Framed users have network user access only. Administrative users have access to the controller, including the enabled (configuration) mode. NAS-Prompt users have administrative access to the controller, excluding enabled mode.
    4. Click OK.

      The user is added to the list of Device Users.

    Tip: To edit an entry, select a row from the Device Users table and click Edit to modify the information. To delete an entry select a row from the Device Users table and click Delete to delete the user.

    Time Settings

    Time settings apply to all platforms. However, the setting for offset applies exclusively to wireless.

    Time Zone

    Select a country and time zone from the list. For wireless, you can also change the setting for Offset.

    Add a Time Server

    To add a time server:

    1. Click Add under Time Server.

      The Add Time Server window opens.

    2. Provide an IP address and, optionally for switches only, mark the corresponding time server as Preferred.
    3. Click OK.

      The server is added to the list of Time Servers.

      Tip: To edit the settings of a time server, select it and then click Edit.

    To configure management settings, click Next or click Management Settings at the top of the wizard window. To skip the management settings and protocol settings, click Review at the top of the wizard window.

    Management Settings are described in both the online help and in the sections Specifying Management Settings for EX Switching Device Common Settings, Specifying Management Settings for Wireless Device Common Settings, Specifying Management Settings for Campus Switching ELS Device Common Settings, Specifying Protocol Settings for Data Center Switching Non-ELS Device Common Settings and Specifying Management Settings for Data Center Non-ELS Device Common Settings.

    Specifying Management Settings for EX Switching Device Common Settings

    To configure the management settings for an EX switching Device profile:

    1. Enter the settings described in Table 3. All settings are optional. Default values are applied to the configuration if you skip the management settings configuration.

      Table 3: Device Profile Management Settings for EX Switching

      Task

      Action

      Enable Services

      You can enable one or more network protocol services for this Device profile: FTP, TELNET, HTTPS, or HTTP.

      Note: HTTP and HTTPS are not available for EX9200 Series switches.

      Configure PoE

      To add Power over Ethernet (PoE) configuration for EX switching, enable Configure PoE and provide these settings:

      Note: PoE configuration will be added only to switches that support PoE.

      1. Using the arrows, adjust the Guard Band value from 0 through 19 watts. A guard band reserves a specified amount of power from the PoE power budget for the switch or line card in case of a spike in PoE consumption. For switches with multiple PoE line cards, such as the EX6200 switch, the guard band wattage is set to the specified value on all line cards, unless a line card has been explicitly configured with a different value.

        Tip: The valid guard band range (in watts) for EX6200 and EX8200 switches is 0 through 15. Any value outside this range causes the profile deployment to fail.

      2. Select a Management Mode for PoE, either Class or Static:
        • Class Management—In class PoE management mode, the maximum power for an interface is determined by the class of the connected powered device.
        • Static Management—In the static PoE management mode, you specify the maximum power for each PoE interface. The PoE controller then allocates this amount of power to the interface from its total budget.
      3. For PoE Global, you can indicate Enable All, Disable All, or None.

      Note: If you deselect Configure PoE, PoE is disabled and the global PoE settings supported by this profile (poe guard-band, poe fpc all guard-band, poe management, poe fpc all management, and poe interface all) are deleted from the switch when the profile is deployed on the switch.

      Syslog Settings

      Optionally, expand the Syslog Settings and provide the following system logging settings.

      Enable Device Logging for Switches

      To enable device logging for switches:

      1. Under Enable Device Log, click Add.

        The Add Log window opens.

      2. Select the log type for switching, either Console, File, User, or Host.
        • Console logging sends system log messages to the console.
        • File logging sends system log messages to the file you specify in File Name.
        • User logging sends system log messages to the terminal session of the user specified in User Name. You will also need to provide the name of the user.
        • Host logging sends system log messages to the server specified in Host. Host can be either an IP address or host name.
      3. Under Services, click Add.

        The phrase Click to enter value appears in both the Service column and Severity Filter column.

      4. Click the phrase Click to enter value in the Service column.

        A list box replaces the phrase in the Service column.

      5. From the Service list, select a logging service: Any, Authorization, Change-log, Conflict-log, Daemon, DFC, External, Firewall, FTP, Interactive-commands, Kernel, NTP, PFE, Security or User.
      6. Click the phrase Click to enter value in the Severity Filter column.

        A list box replaces the phrase in the Severity Filter column.

      7. Select an available severity filter from the list, either Alert, Any, Critical, Emergency, Error, Info, None, Notice, or Warning.

        The filter is added to the list of Severity Filters. The filter is activated when the corresponding service is triggered.

      8. Click OK.

        The log is added to the Enable Device Log list.

      Edit Logging Settings

      Select a Log Type from the Enable Device Log list and click Edit to change the configuration.

      Delete Logging Settings

      Select a Log Type from the Enable Device Log list and click Delete to remove the server configuration.

    To configure protocol settings, either click Next or click Protocol Settings. To use the default protocol settings, skip to final review by clicking Review at the top of the wizard window.

    Protocol Settings options are described in the section Specifying Protocol Settings for EX Switching Device Common Settings,

    Specifying Management Settings for Wireless Device Common Settings

    To configure the management settings for a wireless Device profile:

    1. Enter the settings described in Table 4. All settings are optional. Default values are accepted in the configuration settings if you skip the management settings options.

      Table 4: Device Profile Management Settings for Wireless

      Task

      Action

      Enable Services

      You can enable one or more of the listed network protocol services for this Device profile: TELNET, HTTPS, HTTP, TFTPD, and SSH. You can also change the default port numbers after clicking them.

      Syslog Settings

      Optionally, expand Syslog Settings and enable a device log and/or configure a syslog server.

      Enable Device Logging for Wireless

      To enable device logging for wireless devices:

      1. Under Enable Device Log, click Add.

        The Add Log window opens.

      2. Select a wireless log type, either Console, Session, or Trace.
        • Console logging sends system log messages to the console.
        • With session logging, each main session event—create, close, and deny—creates a log entry.
        • Trace operations record more detailed information about the operations, including packet forwarding and routing information.
      3. Select a Severity Filter for this log from the list, either Alert, Critical, Debug all, Emergency, Error, Info, Notice, or Warning.
      4. Click OK.

        The device log appears in the Enable Device Log list with its log type and severity filter. The filter will be activated when the corresponding service is triggered.

      Tip: To edit logging settings, select an entry from the Enable Device Log table and click Edit.

      To delete a logging setting, select an entry from the Enable Device Log table and click Delete.

      Add a Syslog Server

      To add a syslog server to the common settings:

      1. Under Syslog Servers, click Add.

        The Add Server window opens.

      2. Type the IP address of the server.
      3. Select a Severity Filter from the list, either Alert (default), Critical, Debug All, Emergency, Error, Info, Notice, or Warning.

        Tip: The filter will be activated when the corresponding service is triggered.

      4. Click OK.

        The server is added to the list of Syslog Servers.

      Tip: To edit a syslog server, select a server and click Edit.

      To delete a syslog server, select a server from the Syslog Servers list, and then click Delete to remove the server.

      Service Settings

      Optionally, expand Service Settings to configure the Web Portal setting to enable wireless WebAAA globally and/or provide the timeout settings for CLI Management sessions (SSH, Telnet, and Console).

      Web Portal
      (wireless only)

      Check Web Portal to enable a Web Portal for a wireless device. WebAAA provides a way to authenticate any user or device by using a Web browser. A common application of WebAAA is to control access for guests on your network. When a user requests access to an SSID or attempts to access a Web page before logging onto the network, MSS displays a login page in the user’s browser. For more information, see Understanding Web Portals

      SSL Mode: A Secure Socket Layer (SSL) connection means that any data that you send over the Internet is encrypted.

      • None—Use no encryption for Web Portal.
      • Partial—Use SSL for Web Portal login but after successful authentication, users access the rest of the pages without SSL.
      • Full—Use SSL for all Web Portal communication.

      Force HTML: Check Force HTML to use HTML for all Web Portal pages. This requires users to login through a Web portal page. The current implementation of Web portal on the controller includes specific handling of Apple’s iOS devices. When a request for this URL is sent and the requesting device does not get the anticipated response, the iOS device automatically opens a Web browser interface and then opens the Web Portal login page.

      Idle Time Out for Services

      Idle time out for service sessions such as Telnet and SSH. By default, MSS automatically terminates a console or a Telnet session that is idle for more than one hour. You can specify from 0 to 86400 seconds (one day). If you specify 0, the idle timeout is disabled. The timeout interval is in 30-second increments. For example, the interval can be 0, or 3 seconds, or 60 seconds, or 90 seconds, and so on. If you enter an interval that is not divisible by 30, the controller rounds up to the next 30-second increment.

      Console Time Out for Remote Connections

      Sets the timeout for the CLI console. You can specify from 0 to 86400 seconds (one day). If you specify 0, the console timeout is disabled.

    To configure wireless DNS settings, either click Next or click DNS Settings. To skip the DNS settings, click Review at the top of the wizard window.

    DNS settings are described in the section Specifying DNS Settings for Wireless Device Common Settings.

    Specifying Management Settings for Campus Switching ELS Device Common Settings

    To configure the management settings for an ELS campus switching device common setting profile:

    1. Enter the settings described in Table 5. All settings are optional—default values are applied to the configuration if you skip the management settings.

      Table 5: Management Settings for ELS Switching Device Profile

      Task

      Action

      Enable Services

      You can enable one or more network protocol services for this Device profile: FTP, Telnet, HTTPS, or HTTP. By default, none are selected.

      Configure PoE

      To add Power over Ethernet (PoE) configuration for ELS Switching, enable Configure PoE and provide these settings:

      Note: PoE configuration will be added only to switches that support PoE.

      1. Using the arrows, adjust the Guard Band value from 0 through 19 watts. A guard band reserves a specified amount of power from the PoE power budget for the switch or line card in case of a spike in PoE consumption. For switches with multiple PoE line cards, such as the EX6200 switch, the guard band wattage is set to the specified value on all line cards, unless a line card has been explicitly configured with a different value.

        Tip: The valid guard band rang (in watts) for EX6200 and EX8200 switches is 0 through 15. Any value outside this range causes the profile deployment to fail.

      2. Select a Management Mode for PoE, either Class or Static:
        • Class Management—In class PoE management mode, the maximum power for an interface is determined by the class of the connected powered device.
        • Static Management—In the static PoE management mode, you specify the maximum power for each PoE interface. The PoE controller then allocates this amount of power to the interface from its total budget.
      3. For PoE Global, you can indicate Enable All, Disable All, or None.

      Note: If you deselect Configure PoE, PoE is disabled and the global PoE settings supported by this profile (poe guard-band, poe fpc all guard-band, poe management, poe fpc all management, and poe interface all) are deleted from the switch when the profile is deployed on the switch.

      Syslog Settings

      Optionally, expand the system logging section and configure device logging.

      Enable Device Logging for ELS Switches

      To enable device logging for ELS switches:

      1. Under Enable Device Log, click Add.

        The Add Log window opens.

      2. Select the log type for ELS switching, either Console, File, User, or Host (default).
        • Console logging sends system log messages to the console.
        • File logging sends system log messages to the file you specify for File Name.
        • User logging sends system log messages to the terminal session of the user you specify for User Name. You will also need to provide the name of the user.
        • Host logging sends system log messages to the server you specify for Host. Host can be either an IP address or host name.
      3. Under Services, click Add.

        The phrase Click to enter value appears in both the Service column and Severity Filter column.

      4. Click on the phrase Click to enter value in the Service column.

        A list box replaces the phrase in the Service column.

      5. From the Service list, select a logging service: Any, Authorization, Change-log, Conflict-log, Daemon, DFC, External, Firewall, FTP, Interactive-commands, Kernel, NTP, PFE Security or User.
      6. Click on the phrase Click to enter value in the Severity Filter column.

        A list box replaces the phrase in the Severity Filter column.

      7. Select a Severity Filter from the list, either Alert, Any, Critical, Emergency, Error, Info, Notice, or Warning.
      8. Click OK.

        The filter is added to the list of Enabled Device Logs with entries in the Log Type column and filter name column. The filter will be activated when the corresponding log type is triggered.

      Task: Edit Logging Settings

      Select an entry from the Enable Device Log table and click Edit to change the settings.

      Task: Delete Logging Settings

      Select an entry from the Enable Device Log table and click Delete to remove the server settings.

    To configure DHCP Relay and DNS, either click Next or click DHCP Relay/DNS Settings. To skip the protocol settings, click Review at the top of the wizard window.

    DHCP Relay and DNS options are described in the section Specifying DHCP Relay/DNS Settings for Campus Switching ELS Device Common Settings.

    Specifying Management Settings for Data Center Non-ELS Device Common Settings

    To configure the management settings for a Data Center Management Non-ELS Device profile:

    1. Enter the settings described in Table 6. All settings are optional—default values are applied to the configuration if you skip the management settings.

      Table 6: Device Profile Management Settings for Data Center Non-ELS

      Field

      Action

      Enable Services

      You can enable one or more network protocol services for this Device profile:

      • For Data Center Switching, FTP, Telnet, HTTP.
      System Logging Settings

      Optionally, expand the Syslog Settings and provide the following system logging settings:

      Enable Device Logging for Switches

      To enable device logging for switches:

      1. Under Enable Device Log, click Add.

        The Add Log window opens.

      2. Select the log type for switching: Console, File, User, or Host.
        • Console logging sends system log messages to the console.
        • File logging sends system log messages to the file you specify in File Name.
        • User logging sends system log messages to the terminal session of the user specified in User Name. You will also need to provide the name of the user.
        • Host logging sends system log messages to the server specified in Host. Host can be either an IP address or host name.
      3. Under Services, click Add.

        The phrase Click to enter value appears in both the Service column and Severity Filter column.

      4. Click on the phrase Click to enter value in the Service column.

        A list box replaces the phrase in the Service column.

      5. From the Services list, select a logging service: any, Authorization, Change-log, Conflict-log, Daemon, DFC, External, Firewall, FTP, Interactive-commands, Kernel, NTP, PFE or Security.
      6. Click on the phrase Click to enter value in the Severity Filter column.

        A list box replaces the phrase in the Severity Filter column.

      7. Select a Severity Filter from the list: Alert, Critical, Debug All, Emergency, Error, Info, Notice, or Warning.

        The filter is added to the list of Severity Filters. The filter is activated when the corresponding service is triggered.

      8. Click OK.

      Edit Logging Settings

      Select a Log Type from the Enable Device Log table and click Edit to change the information.

      Delete Logging Settings

      Select a Log Type from the Enable Device Log table and click Delete to remove the server information.

    To configure protocol settings, either click Next or click Protocol Settings. To skip the protocol settings, click Review at the top of the wizard window.

    Protocol Settings options are described in the section Specifying Protocol Settings for Data Center Switching Non-ELS Device Common Settings.

    Specifying Management Settings for Data Center ELS Device Common Settings

    To configure the management settings for a Data Center ELS Device profile:

    1. Enter the settings described in Table 7. All settings are optional—default values are applied to the configuration if you skip the management settings.

      Table 7: Device Profile Management Settings for Data Center ELS

      Field

      Action

      Enable Services

      You can enable one or more network protocol services for this Device profile:

      System Logging Settings

      Optionally, expand the Syslog Settings and provide the following system logging settings:

      Enable Device Logging for Switches

      To enable device logging for switches:

      1. Under Enable Device Log, click Add.

        The Add Log window opens.

      2. Select the log type for switching: Console, File, User, or Host.
        • Console logging sends system log messages to the console.
        • File logging sends system log messages to the file you specify in File Name.
        • User logging sends system log messages to the terminal session of the user specified in User Name. You will also need to provide the name of the user.
        • Host logging sends system log messages to the server specified in Host. Host can be either an IP address or host name.
      3. Under Services, click Add.

        The phrase Click to enter value appears in both the Service column and Severity Filter column.

      4. Click on the phrase Click to enter value in the Service column.

        A list box replaces the phrase in the Services column.

      5. From the Services list, select a logging service: any, Authorization, Change-log, Conflict-log, Daemon, DFC, External, Firewall, FTP, Interactive-commands, Kernel, NTP, PFE or Security.
      6. Click on the phrase Click to enter value in the Severity Filter column.

        A list box replaces the phrase in the Severity Filter column.

      7. Select a Severity Filter from the list: Alert, Critical, Debug All, Emergency, Error, Info, Notice, or Warning.

        The filter is added to the list of Severity Filters. The filter is activated when the corresponding service is triggered.

      8. Click OK.

      Edit Logging Settings

      Select a Log Type from the Enable Device Log table and click Edit to change the information.

      Delete Logging Settings

      Select a Log Type from the Enable Device Log table and click Delete to remove the server information.

    To configure protocol settings, either click Next or click DHCP/DNS Settings. To skip the DHCP/DNS settings, click Review at the top of the wizard window.

    DHCP/DNS Settings options are described in the section Specifying Protocol Settings for Data Center Switching ELS Device Common Settings.

    Specifying Protocol Settings for EX Switching Device Common Settings

    To configure the protocol settings for an EX Switching Device profile, enter the settings described in Table 8. All settings are optional.

    Table 8: Device Profile Protocol Settings for EX Switching

    Field

    Action

    Enable Storm Control

    Select this option to enable storm control on a switch.

    Spanning Tree Settings

    Spanning Tree Protocol Settings for switches only

    Select one of spanning-tree protocol (STP) settings for switches: STP, RSTP (default), MSTP, or None of these.

    • Spanning Tree Protocol—With STP configured, the switches use the IEEE 802.1D 2004 specification, force version 0. This configuration runs a version of RSTP that is compatible with classic, basic STP as defined in the 802.1D 1998 specification.
    • Rapid Spanning Tree Protocol—RSTP provides faster reconvergence time than the original STP both by identifying certain links as point-to-point and by using protocol handshake messages rather than fixed timeouts. VLAN Spanning Tree Protocol (VSTP) and RSTP can be configured concurrently. You can selectively configure up to 253 VLANs by using VSTP; the remaining VLANs will be configured by using RSTP. VSTP and RSTP are the only spanning-tree protocols that can be configured concurrently on a switch.
    • Multiple Spanning Tree Protocol—MSTP enables multiple VLANs to be mapped to the same spanning-tree instance, reducing the number of spanning-tree instances needed to support a large number of VLANs. MSTP provides multiple forwarding paths for data traffic and enables load-balancing. It improves the fault tolerance of the network because a failure in one instance, or forwarding path, does not affect other instances.

    You can also select the Enable VSTP check box to enable VSTP.

    Multicast Settings

    Enable IGMP

    Selecting this option enables Internet Group Management Protocol (IGMP) on all the interfaces for the selected device. Default is disabled. IGMP is a communications protocol used by both hosts and adjacent routers on IP networks to establish multicast group memberships.

    Enable IGMP Snooping

    Enables IGMP snooping on all VLANs. Default is enabled.

    Enable DHCP Relay

    Select this option to display the DHCP Relay settings.

    Add DHCP Relay to Device Profile

    To add DHCP Relay to this Device profile:

    1. Select Legacy DHCP Relay (default).
    2. Add one or more DHCP servers to the Device Common Settings profile:
      1. Click Add under DHCP Servers.

        The Add Server window opens.

      2. Type an IP Address.
      3. Click OK.

        The server is added to the list of DHCP Servers.

    Add Extended DHCP Relay to a Device Profile

    To add Extended DHCP Relay to this Device profile:

    1. Select Extended DHCP Relay instead of Legacy DHCP Relay.
    2. Add one or more DHCP Server Groups to the Device Common Settings profile:
      1. Click Add under Add DHCP Servers Group.

        The Add Server Group window opens.

      2. Provide a name for the server group.
      3. Optionally, make this an active server group by checking Active Group.
      4. Add servers to the group by clicking Add under DHCP Servers.

        The phrase Click to enter value appears in the IP Address column.

      5. Select Click to enter value and then enter an IP Address.
      6. Click OK.

        The server is added to the DHCP server group list.

      7. Add a relay interface group by clicking Add under Add Relay Interface Group.

        The Add DHCP Relay Interface window opens.

      8. Type a DHCP interface group name.
      9. Select a server group from the Server Group list.
      10. Click OK.

        The group is added to the Relay Interface Group list.

    Click either Next or Review, to see the Review page. For review directions, see Reviewing and Saving a Device Common Settings Configuration.

    Specifying DNS Settings for Wireless Device Common Settings

    To configure the DNS settings for a wireless Device profile, enter the settings described in Table 9. All settings are optional.

    Table 9: Device Profile DNS Settings for Wireless

    Task

    Action

    DNS Settings

    Add a Domain Name Server

    To add a Domain Name Server (DNS) for wireless common settings:

    1. Click Add under Domain Name Servers.

      The Add Server window opens.

    2. Enter the IP address of the DNS server.
    3. Select a preference for the server, either Primary (default) or Secondary.

      Tip: You can add only one primary IP address, but can add several secondary IP addresses.

    4. Click OK.

      The IP address and preference are now listed in the list of Domain Name Servers.

    Tip: To modify an IP address, select it from the Domain Name Servers table and click Edit.

    To delete an IP address, select it from the Domain Name Servers table and click Delete.

    Click either Next or DAC Settings to see the next section of the wizard. For Dynamic Authorization Client configuration directions, see Configuring Wireless Dynamic Authorization Client (DAC) Settings .

    Configuring Wireless Dynamic Authorization Client (DAC) Settings

    Dynamic Authorization Client (DAC) is a dynamic RADIUS extension that enables administrators supporting a RADIUS server to disconnect a user and change the authorization attributes of an existing user session. The DAC is the component sending the Disconnect and CoA requests to the Dynamic Authorization Server (DAS). Though the DAC often resides on the RADIUS server, it can be located on a separated host, such as a Routing Engine.

    Table 10: Dynamic Authorization Client (DAC) Settings

    Field

    Directions

    RADIUS DAS Port

    The Dynamic Authorization Server (DAS) is the component residing on the NAS that processes the Disconnect and Change-of-Authorization (CoA) requests sent by the Dynamic Authorization Client (DAC). The Dynamic Authorization Server Port is the UDP where the DAS listens for Disconnect and CoA requests sent by the DAC. Default port used is 3799.

    Task: Add a dynamic authorization client.

    Provide the following settings:

    • DAC Name— Type a name for the dynamic authorization client.
    • IP Address—Type the IP Address of the dynamic authorization client.
    • Key—Enter the authentication key used to communicate with the RADIUS server.
    • Disconnect—When checked (default), a terminated client on the network is disconnected. When unchecked, a terminated client is re-authenticated.
    • Change of Authorization—Request packets contain information for dynamically changing session authorizations. Typically, this is used to change data filters. The data filters can be of either the ingress or egress kind, and are sent in addition to the NAS and Session identification attributes
    • Replay Protection—Drop the request with out-of-change or no timestamp.
    • Replay Window—Maximum seconds that local and client times can differ.
    • Wired Access Rule—four wired rule names for RADIUS DAC.
    • SSID Selection—Indicate which SSIDs the client is allowed to access after authentication. Move up to four of the available SSIDs from the list on the left to the list on the right.

    Click OK to add the client and close the Add DAC window.

    Task: Edit a dynamic authorization client

    Select a client from the list and then click Edit. Make changes and then click OK.

    Task: Delete a dynamic authorization client

    Select a client from the list and then click Delete and then click OK.

    Specifying DHCP Relay/DNS Settings for Campus Switching ELS Device Common Settings

    To configure the DHCP relay and DNS settings for a Campus Switching ELS Device profile, enter the settings described in Table 11. All settings are optional.

    Table 11: Device Profile Protocol Settings for ELS Switching

    Task

    Action

    DHCP Relay

    DHCP relay enables a switch to relay DHCP requests from a client to a DHCP server when the client and server do not reside on the same VLAN. You define the client interfaces for DHCP relay as part of the process of assigning the profile to a device. Select Enable DHCP Relay to enable DHCP Relay and view the DHCP Relay configuration.

    Configure Legacy DHCP Relay for ELS Switches

    To configure Legacy DHCP Relay for Campus Switching ELS:

    1. Select Legacy DHCP Relay (default).
    2. Add DHCP servers for Legacy DHCP Relay:
      1. Click Add under DHCP Servers.

        The Add Server window opens.

      2. Enter the IP address of the DHCP server and then click OK.

        The DHCP server name appears in the list of DHCP servers.

      Tip: You can add more than one DHCP server.

    Configure Extended DHCP Relay for Campus Switching ELS

    To add Extended DHCP Relay to this Campus Switching ELS Device profile:

    1. Select Extended DHCP Relay.
    2. Add one or more DHCP Servers Groups to the Device Common Settings profile:
      1. Click Add under Add DHCP Servers Group.

        The Add Server Group window opens.

      2. Provide a name for the server group.
      3. Optionally, make this an active server group by checking Active Group.
      4. Add servers to the group by clicking Add under DHCP Servers.

        The phrase Click to enter value appears in the IP Address column.

      5. Select Click to enter value and then enter an IP Address.
      6. Click OK.

        The server is added to the DHCP server group list.

      7. Add a relay interface group by clicking Add under Add Relay Interface Group.

        The Add DHCP Relay Interface window opens.

      8. Type a group name for the DHCP interface.
      9. Select a server group from the Server Group list.
      10. Click OK.

        The group is added to the Relay Interface Group list.

    DNS Settings

    Add a domain name server

    To add a domain name server to the Campus Switching ELS Common Settings:

    1. Click Add under Domain Name Servers.

      The Add Server window opens.

    2. Provide an IP address for the DNS server.
    3. Click OK.

      The server is added to the Domain Name Servers list.

    Tip: To edit a DNS server’s settings, select it and then click Edit. To delete a DNS server, select it and then click Delete.

    Click either Next or Review, to see the Review page. For review directions, see Reviewing and Saving a Device Common Settings Configuration.

    Specifying Protocol Settings for Data Center Switching Non-ELS Device Common Settings

    To configure the protocol settings for a Device profile, enter the settings described in Table 12. All settings are optional.

    Table 12: Device Profile Protocol Settings for Data Center Switching Non-ELS

    Field

    Action

    Enable Storm Control

    Select this option to enable storm control on a switch.

    Spanning Tree Protocol Settings

    Select one of spanning-tree protocol (STP) settings for switches: STP, RSTP, MSTP, or None of these.

    • Spanning Tree Protocol—With STP configured, the switches use the IEEE 802.1D 2004 specification, force version 0. This configuration runs a version of RSTP that is compatible with classic, basic STP as defined in the 802.1D 1998 specification.
    • Rapid Spanning Tree Protocol—RSTP provides faster reconvergence time than the original STP both by identifying certain links as point-to-point and by using protocol handshake messages rather than fixed timeouts. VLAN Spanning Tree Protocol (VSTP) and RSTP can be configured concurrently. You can selectively configure up to 253 VLANs using VSTP; the remaining VLANs will be configured using RSTP. VSTP and RSTP are the only spanning-tree protocols that can be configured concurrently on a switch.
    • Multiple Spanning Tree Protocol—MSTP enables multiple VLANs to be mapped to the same spanning-tree instance, reducing the number of spanning-tree instances needed to support a large number of VLANs. MSTP provides multiple forwarding paths for data traffic and enables load-balancing. It improves the fault tolerance of the network because a failure in one instance, or forwarding path, does not affect other instances.

    Select the Enable VSTP check box to enable VSTP.

    Multicast Settings

    Select a multicast setting for switches:

    • Enable IGMP—Enables IGMP on all the interfaces for the selected device. (Default is disabled.)
    • Enable IGMP Snooping—Enables IGMP snooping (monitoring) on all VLANs. (Default is enabled.)

    DCBX Settings

    Select the Data Center Bridging Capability Exchange (DCBX) protocol features that you want to enable:

    • Enable DCBX—DCBX is a discovery and exchange protocol for conveying configuration and capabilities among neighbors to ensure consistent configuration across the network. It is an extension of Link Layer Discovery Protocol (LLDP).
    • Enable LLDP Snooping—LLDP is a discovery and exchange protocol for conveying configuration and capabilities among neighbors to ensure consistent configuration across the network. Snooping is monitoring traffic, in this case LLDP traffic.

    Enable DHCP Relay

    Select Enable DHCP Relay to enable DHCP relay. DHCP relay enables a switch to relay DHCP requests from a client to a DHCP server when the client and server do not reside on the same VLAN. You will define the client interfaces for DHCP relay as part of the process of assigning the profile to a device.

    Add DHCP Relay Servers

    To add DHCP servers:

    1. Click Add.

      The Add Server window opens.

    2. Enter the IP address of the DHCP server and then click OK.

      The DHCP server name appears in the list of DHCP servers.

    3. You can enter more than one DHCP server.

    Tip: Select an IP Address from the DHCP Servers table and click Edit if you want to modify the IP address. Select an IP Address from the DHCP Servers table and click Delete to remove from the table.

    DNS Settings

    To configure DNS:

    1. Click Add to add a DNS server.

      The Add Server window opens.

    2. Enter the IP address of the DNS server.
    3. Click OK.

    Tip: Select an IP Address from the Domain Name Servers table and click Edit if you want to modify the IP address. Select an IP Address from the Domain Name Servers table and click Delete to remove from the table.

    Click either Next or Review, to see the Review page. For review directions, see Reviewing and Saving a Device Common Settings Configuration.

    Specifying Protocol Settings for Data Center Switching ELS Device Common Settings

    To configure the protocol settings for a Data Center Switching ELS Device profile, enter the settings described in Table 13. All settings are optional.

    Table 13: Device Profile Protocol Settings for Data Center Switching ELS

    Task

    Action

    DCBX Settings

    Select the Data Center Bridging Capability Exchange (DCBX) protocol features that you want to enable

    Enable DCBX

    Select Enable DCBX. DCBX is a discovery and exchange protocol for conveying configuration and capabilities among neighbors to ensure consistent configuration across the network. It is an extension of Link Layer Discovery Protocol (LLDP).

    Enable LLDP

    Select Enable LLDP. LLDP is a discovery and exchange protocol for conveying configuration and capabilities among neighbors to ensure consistent configuration across the network.

    DHCP Relay

    DHCP relay enables a switch to relay DHCP requests from a client to a DHCP server when the client and server do not reside on the same VLAN. You define the client interfaces for DHCP relay as part of the process of assigning the profile to a device. Select Enable DHCP Relay to enable DHCP Relay and view the DHCP Relay configuration.

    Configure Legacy DHCP Relay for ELS Switches

    To configure Legacy DHCP Relay for Campus Switching ELS:

    1. Select Legacy DHCP Relay (default).
    2. Add DHCP servers for Legacy DHCP Relay:
      1. Click Add under DHCP Servers.

        The Add Server window opens.

      2. Enter the IP address of the DHCP server and then click OK.

        The DHCP server name appears in the list of DHCP servers.

      Tip: You can add more than one DHCP server.

    Configure Extended DHCP Relay for Campus Switching ELS

    To add Extended DHCP Relay to this Campus Switching ELS Device profile:

    1. Select Extended DHCP Relay.
    2. Add one or more DHCP Servers Groups to the Device Common Settings profile:
      1. Click Add under Add DHCP Servers Group.

        The Add Server Group window opens.

      2. Provide a name for the server group.
      3. Optionally, make this an active server group by checking Active Group.
      4. Add servers to the group by clicking Add under DHCP Servers.

        The phrase Click to enter value appears in the IP Address column.

      5. Select Click to enter value and then enter an IP Address.
      6. Click OK.

        The server is added to the DHCP server group list.

      7. Add a relay interface group by clicking Add under Add Relay Interface Group.

        The Add DHCP Relay Interface window opens.

      8. Type a group name for the DHCP interface.
      9. Select a server group from the Server Group list.
      10. Click OK.

        The group is added to the Relay Interface Group list.

    DNS Settings

    Add a domain name server

    To add a domain name server to the Campus Switching ELS Common Settings:

    1. Click Add under Domain Name Servers.

      The Add Server window opens.

    2. Provide an IP address for the DNS server.
    3. Click OK.

      The server is added to the Domain Name Servers list.

    Tip: To edit a DNS server’s settings, select it and then click Edit. To delete a DNS server, select it and then click Delete.

    Click either Next or Review, to see the Review page. For review directions, see Reviewing and Saving a Device Common Settings Configuration.

    Reviewing and Saving a Device Common Settings Configuration

    From this page, you can save or make changes to Device Common Settings:

    • To make changes to the settings, click the Edit associated with the configuration you want to change.

      Alternatively, you can also click appropriate sections of the workflow at the top of the page that corresponds to the configuration you want to change.

      When you have completed your modifications, click Review to return to this page.

    • To save a new profile or to save modified settings to an existing profile, click Finish.

      The Manage Device Common Settings page is displayed with the new or modified profile listed

    What to Do Next

    Once the Device Common Settings profile is created, you must assign the profile to the required device by using the Manage Device Profile page and then deploy the Device profile by using the Deploy mode. To assign a Device Common Settings profile to a device, see Assigning Device Common Settings to Devices. For information about deploying your configurations, see Deploying Configuration to Devices.

    Note: A device can have only one Device profile assigned to it. However, you can assign the same Device profile to multiple devices.

    Modified: 2017-06-08