Table of Contents
Advertisement
RADIUS Security
You can further secure CLI access to the switch or router by configuring the device to consult a Remote Access
Dial In User Service (RADIUS) server to authenticate user names and passwords. See "Configuring RADIUS
Security" on page 3-33.
Access Control Lists (ACLs)
Access control lists (ACLs) enable you to permit or deny packets based on source and destination IP address,
IP protocol information, or TCP or UDP protocol information. You can configure the following types of ACLs:
•
Standard – Permits or denies packets based on source IP address. ACL IDs 1 – 99 are for standard ACLs.
•
Extended – Permits or denies packets based on source and destination IP address and also based on IP
protocol information. ACL IDs 100 – 199 are for extended ACLs.
In addition, you can use ACLs to control CLI, Web, and IronView management access to the device. You also can
use ACLs for Policy-Based Routing (PBR).
See "Using Access Control Lists (ACLs)" on page 13-1.
Dynamic Configuration
Dynamic configuration enables you to make configuration changes without rebooting the system. Many of the
configuration changes you can make to Foundry switches and routers do not require a reboot and take effect
immediately. You can make the changes without causing network outages. The individual configuration chapters
describing each feature area (chapters 7 – 18) list the parameters that can be dynamically changed.
Soft Reboot
When you upgrade the software image on a Foundry switch or router, you do not need to power down the system
to use the new software. You can boot the new software immediately from the primary flash, secondary flash, a
TFTP server, or a BootP server.
You also can use this feature to test new versions of flash code before replacing the previous flash image.
For more details on the boot commands and on copying software to and from Foundry switches and routers, refer
to "Updating Software Images and Configuration Files" on page 7-1.
Scheduled System Reload
Although the dynamic configuration feature (see "Dynamic Configuration" on page 8-11) allows many parameter
changes to take effect immediately without a system reset, other parameters do require a system reset.
To place these parameters into effect, you must save the configuration changes to the configuration file, then
reload the system. The management interfaces provide an option to immediately reset the system. Alternatively,
you can use the scheduled system reload feature to configure the system to reload its flash code at a specific time
(based on the system clock or SNTP time) or after a specific amount of time has passed.
See "Scheduling a System Reload" on page 7-10.
Telnet
As described in "Management Interfaces" on page 8-8, Foundry devices allow you to access the CLI through a
Telnet connection. To establish the Telnet connection, you need the following:
•
An IP address on the Foundry device. See "Configuring IP Addresses" on page 2-17 for information.
•
A third-party terminal emulation application installed on a PC or workstation that has network access to the
Foundry device.
Trivial File Transfer Protocol (TFTP)
All Foundry devices allow you to use TFTP to copy files to and from the flash memory modules on the
management module. You can use TFTP to perform the following operations:
December 2000
Software Overview
8 - 11
- Quick Links:
- Configuring Ip Addresses
Hide quick links:
Advertisement
Chapters
Table of Contents
