Cisco Sg2008 Manual

							Administration
Managing User Accounts
Cisco Small Business SG200 Series 8-port Smart Switch41
3
 
As you enter a password, the number and color of vertical bars changes to 
indicate the password strength, as follows:
•Red—The password fails to meet the minimum complexity requirements. 
The text “Below Minimum” displays to the right of the meter.
•Orange—The password meets the minimum complexity requirements but 
the password strength is weak. The text “Weak” displays to the right of the 
meter.
•Green—The password is strong. The text “Strong” displays to the right of the 
meter.
If Password Strength Enforcement is enabled, Apply is not available until the 
strength meter is orange and the password is confirmed.
When adding a user, you can temporarily disable the password strength check to 
allow configuring a password that does not meet the strength check criteria. Click 
Disable Password Strength Enforcement and then click OK when the warning 
displays. 
To disable the Password Strength Enforcement for all users, or to configure its 
characteristics, use the Password Strength page.
STEP  4Click Apply and then click Close. Your changes are saved to the Running 
Configuration.
Deleting a User
You can delete all users except the default user, typically the cisco user ID.
To delete a user, select the user name in the User Accounts Table and click Delete. 
						

							Administration
Enabling Management Services
Cisco Small Business SG200 Series 8-port Smart Switch42
3
 
Enabling Management Services
Use the Management Ser vices page to enable and disable the available types of 
management connections. By default, HTTP access is enabled. 
Configuring the Idle Session Timeout
The software automatically logs users off the management interface when there is 
no activity for a specified period of time. The user must reauthenticate after a 
timeout. You can use the Idle Ses sion Timeout page to configure the timeout 
period. 
To configure the timeout period:
STEP 1Click Administration > Idle Session Timeout in the navigation window.
STEP  2Specify the parameter:
•HTTP Session Timeout—The inactivity timeout for HTTP sessions. The 
value must be in the range of 1 to 60 minutes. The default value is 10 
minutes.
STEP  3Click Apply. Your changes are saved to the Running Configuration.
Login Sessions
The Login Sessions page displays active management login sessions. To display 
this page, click Administration > Login Sessions in the navigation window.
The page lists the following information for each user currently logged in:
•ID—A system-generated ID for the login session.
•User Name—Name that the user used to log in.
•Connection From—IP address of the host.
•Idle Time—Time that has elapsed since the last activity from this user.
•Session Time—Amount of time that has elapsed since this user logged in.
•Session Type—Protocol in use for the management session (HTTP). 
						

							Administration
Login Histor y
Cisco Small Business SG200 Series 8-port Smart Switch43
3
 
•Authentication Method—Lists the protocol used to authenticate the 
session login. It can be Radius, Local, or None.
Login History
You can use the Login Histor y page to display data on previous logins to the 
management software. To display this page, click Administration > Login History 
in the navigation window.
This page displays the following fields:
•Login Time—Date and time the user logged in.
•User Name—Name that the user used to log in.
•Protocol—Protocol the user is using to the configuration software, which 
can be HTTP, Telnet, Serial, SSH, or SNMP.
•Location—IP address of the host.
Time Settings
A system clock is used to provide a network-synchronized time-stamping service 
for switch software events such as message logs. You can configure the system 
clock manually or configure the switch as a Simple Network Time Protocol (SNTP) 
client that obtains the clock data from a server.
Se e the following topic s for information on the configuration pages available in the 
Administration > Time Settings menu:
•Setting System Time
•Configuring the SNTP Setting
•Configuring SNTP Authentication
Setting System Time
Use the System Time page to set the system time manually or to configure the 
system to acquire its time settings from an SNTP server. To display this page, click 
Administration > Time Settings > System Time in the navigation window. 
						

							Administration
Ti m e  S e t t i n g s
Cisco Small Business SG200 Series 8-port Smart Switch44
3
 
By default, the time is configured locally on the switch. 
NOTEThe actual system time, date, time zone information, and daylight savings time 
status appears at the bottom of the page.
Specifying Clock Settings Locally
To configure the time settings locally:
STEP 1On the System Time page, select Use Local Settings.
STEP  2Select Timezone Source - DHCP if you want to have the switch to acquire its 
timezone from a DHCP server.
STEP  3Select Set Date/ Time from Computer to have the switch retrieve the time 
settings from the computer you are using to access the switch.
Or clear this field and configure the following time settings:
•Date—Enter the date in mm/dd/yyyy format, such as 01/01/2010 for 
January 1, 2010.
•Local Time—Enter the current time in HH:mm:ss format, such as 22:00:00 for 
10 p.m. (The hint text displays HH if the time is based on a 24-hour clock or 
hh if the time is in 12-hour clock format.)
•GMT Time Zone Offset—Select the number of hours and minutes 
difference between the local time zone and Greenwich Mean Time (GMT).
STEP  4In the Time Zone Acronym field, specify an optional acronym up to four characters 
to identify the configured settings. This field is for reference only.
STEP  5Select Daylight Saving to configure Daylight Savings Time (DST) settings, if 
applicable to your time zone. When selected, configure the following fields: 
						

							Administration
Ti m e  S e t t i n g s
Cisco Small Business SG200 Series 8-port Smart Switch45
3
 
•USA/European/Other—Select USA or European to have the DST offset 
c o n f i g u r e d  t o  t h e  v a l u e s  u s e d  i n  t h o s e  l o c a t i o n s .  O r  s e l e c t  Other to configure 
the settings manually. When configuring manually, you can configure the 
settings for the upcoming DST period only, or you can configure recurring 
settings.
•DST Time Zone Acronym—Specify an optional acronym up to four 
characters to identify the configured settings. This field is for reference only. 
(The characters , , %, and ? are not supported.)
•Daylight Savings Offset—Specify the number of minutes to move the clock 
for ward when D ST be gins .
•From/ To—Specify the date and time when DST starts and ends.
•Recurring—Select to specify recurring DST periods by selecting the day of 
the week and number of weeks into the year when DST begins and ends 
each year.
STEP  6Click Apply. Your changes are saved to the Running Configuration.
Configuring the Switch as an SNTP Client
You can also configure the switch to acquire time from an SNTP server by 
configuring the switch SNTP Settings. 
To configure the switch to acquire time settings from an SNTP server:
STEP 1On the System Time page, select Use SNTP Server.
STEP  2Configure the SNTP client operation mode of the switch:
•Unicast—Configures the switch to send unicast SNTP requests to 
configured unicast SNTP servers only. You must add at least one unicast 
SNTP server to enable this feature. (Default SNTP servers require that 
Unicast is selected.)
•Broadcast—Configures the switch to get its time settings from SNTP 
messages broadcast from SNTP servers.
STEP  3Select Timezone Source - DHCP if you want to have the switch to acquire its 
timezone from a DHCP server.
STEP  4Configure the GMT Time Zone Offset by selecting the number of hours and 
minutes difference between the local time zone and Greenwich Mean Time (GMT), 
and specify a Time Zone Acronym. 
						

							Administration
Ti m e  S e t t i n g s
Cisco Small Business SG200 Series 8-port Smart Switch46
3
 
NOTE: If the Timezone Source - DHCP setting is enabled and time zone 
information is received from the DHCP ser ver, then that information will be used to 
adjust instead of the manually configured GMT Time Zone Offset and Acronym.
STEP  5Configure the Daylight Savings Time settings, as described in step 5 in Specifying 
Clock Set tings Locally.
STEP  6Click Apply. Your changes are saved to the Running Configuration.
STEP  7Use the Configuring the SNTP Setting and Configuring SNTP Authentication to 
configure additional SNTP settings, such as polling intervals, unicast server 
addresses, and authentication information the switch needs to access SNTP 
servers.
Configuring the SNTP Setting
The switch supports the Simple Network Time Protocol (SNTP). SNTP ensures 
accurate network device time synchronization up to the millisecond. Time 
synchronization is performed by a network SNTP server. The switch operates as 
an SNTP client only and cannot provide time services to other systems.
To display the SNTP Setting page, click Administration > Time Settings > 
SNTP Setting in the navigation window. 
Configuring the SNTP Setting
STEP 1Ensure that the Use SNTP Server option is selected on the System Time page and 
that the Unicast or Broadcast mode is selected as required. 
STEP  2On the SNTP Setting page, configure the following: 
						

							Administration
Ti m e  S e t t i n g s
Cisco Small Business SG200 Series 8-port Smart Switch47
3
 
•Client Port—The logical port number to use for the SNTP client on the 
switch. The default is the well-known IANA port number for this service, 123.
•Unicast Poll Interval—The relative rate at which the switch sends 
synchronization messages to the SNTP server. This field is editable only 
when SNTP Unicast reception is selected. Enter a value from 3 to 16. The 
default value is 3. The actual interval, in seconds, is the specified value to the 
power of 2; for example, if you enter 4, the poll interval is 16 seconds. 
•Broadcast Poll Interval—The relative rate that the switch broadcasts 
synchronization messages. This field is editable only when SNTP Broadcast 
reception is selected. Enter a value from 3 to 16. The default value is 3. The 
actual interval, in seconds, is the specified value to the power of 2; for 
example, if you enter 4, the poll interval is 16 seconds.
If the switch detects a server, it ignores time broadcasts from other SNTP 
servers unless the Broadcast Poll Interval expires three consecutive times 
without an update received from the server.
STEP  3Click Apply. Your changes are saved to the Running Configuration.
Adding and Modifying SNTP Servers
The Unicast SNTP Servers Table displays the following information for each SNTP 
server that you configure:
•SNTP Server—IP address or hostname of the SNTP server.
•Authentication Key ID—Encryption key required to communicate with the 
SNTP server.
•Last Attempt Time—The time of the most recent attempt by the switch to 
synchronize with an SNTP unicast server.
•Status—Operating status of the SNTP server. Possible values are:
-Success—Client could get the time from this server.
-Request timed-out—Client request timed out.
-Bad Date Encoded—A bad date format was received from server.
-Version Not Supported—Server does not support the SNTP version 
configured on the switch.
-Server Unsynchronized—Switch time is not synchronized with the 
server. 
						

							Administration
Ti m e  S e t t i n g s
Cisco Small Business SG200 Series 8-port Smart Switch48
3
 
-Server Kiss of Death—SNTP server has replied with a kiss of death 
packet, instructing the switch to stop sending requests to the server, due 
to traffic spikes or other error conditions.
-Other—The status could not be determined.
•Last Response—Time of the last response from the SNTP server.
•Version—SNTP protocol version the server uses.
•Port—Protocol port number (123 is a well-known port number for SNTP).
•Polling Mode—Whether the switch is configured to send SNTP requests to 
this server (Enabled or Disabled).
•To t a l  U n i c a s t  R e q u e s t s—The total number of synchronization requests the 
switch has made to the unicast server.
To edit the settings for a server, check the box to select it, and then click Edit. To 
remove a server, check the box to select it, and then click Delete. To add a new 
server, click Add, and then enter the settings, as described below. 
To add an SNTP server:
STEP 1Click Add.
STEP  2Enter the parameters:
•SNTP Server—Enter an IPv4 address or a domain name. To use a domain 
name, ensure that the DNS service is enabled on the switch (see Domain 
Name System).
•Authentication Key—Select Enable if authentication is needed when 
communicating with the SNTP server.
•Authentication Key ID—If authentication is used, select the Authentication 
Key ID from the list. See Configuring SNTP Authentication for information 
on configuring authentication keys.
•Polling Mode—Select Enable to allow the switch to send requests to this 
server. 
						

							Administration
Ti m e  S e t t i n g s
Cisco Small Business SG200 Series 8-port Smart Switch49
3
 
•Port—Specify the UDP port number to be specified in the SNTP message 
headers. By default, the port number is the well-known IANA value of 123.
•Version—Specify the highest SNTP version (1–4) that the server supports.
STEP  3Click Apply and then click Close. Your changes are saved to the Running 
Configuration.
Viewing Active Server Properties and Global Parameters
The SNTP Setting page displays the following properties for the SNTP server, if 
any, from which the switch most recently acquired its time settings. This page also 
displays global (nonconfigurable) parameters.
Active Server:
•Server Host Address—IP address of the SNTP server.
•Server Type—IP protocol version the server uses (IPv4 or IPv6).
•Server Stratum—Hierarchical level of the SNTP server that identifies its 
distance from a reference clock.
•Server Reference Id—32-bit code that identifies the reference clock that 
this server uses.
•Server Mode—Mode in which the server is operating:
-Unicast—The SNTP server listens to unicast requests from SNTP 
clients.
-Broadcast—The SNTP server sends broadcast messages periodically 
to SNTP clients.
-Reserved—No reply has been received from an SNTP Server. When a 
response is received from a server, it is overwritten with one of the valid 
states (Broadcast or Unicast).
Global Parameters:
•SNTP Client Version—The highest SNTP protocol version supported by the 
switch.
•Last Update Time—The time of receipt of the most recent SNTP update. 
						

							Administration
Ti m e  S e t t i n g s
Cisco Small Business SG200 Series 8-port Smart Switch50
3
 
•Last Unicast Attempt Time—The time of the most recent attempt by the 
switch to synchronize with an SNTP unicast server.
•Client Mode—The configured SNTP client mode (Unicast or Broadcast). 
See the System Time to configure this mode.
•Server Maximum Entries—Maximum number of servers that you can 
configure on the switch.
•Server Current Entries—Number of SNTP servers currently configured on 
the system, as listed in the Unicast SNTP Servers Table.
•Broadcast Count—Number of SNTP broadcast packets that the switch has 
received from SNTP servers.
Configuring SNTP Authentication
Use the SNTP Authentication page to configure encryption keys, which contain 
the identifying information that the switch uses to authenticate to STNP servers. 
You also use this page to enable the SNTP authentication service.
When you define SNTP servers that the switch can use, you specify whether a 
server uses authentication and which authentication key it uses.
NOTEYou must configure at least one trusted authentication key before you enable SNTP 
authentication. Otherwise, the Failed to enable SNTP Authentication 
message displays.
To configure an authentication key and enable this service:
STEP 1Click Administration > Time Settings > SNTP Authentication in the navigation 
window.
The SNTP Authentication Table displays each currently configured authentication 
key and whether the key is currently enabled for use as a trusted key.
STEP  2Select Enable to require the switch to authenticate to an SNTP server before 
synchronizing its time.
STEP  3Click Apply. Your changes are saved to the Running Configuration.