Forcepoint X Series Guida rapida
X Series™ Switch Configuration
v8.4.x
Forcepoint™ X Series Appliance
Forcepoint X Series Appliance
©1996–2017, Forcepoint LLC
10900-A Stonelake Blvd, Quarry Oaks 1, Suite 350, Austin, TX 78759, USA
All rights reserved.
Printed in the United States and Ireland
R042816820
The products and/or methods of use described in this document are covered by U.S. Patent Numbers 5,983,270; 6,606,659; 6,947,985; 7,185,015;
7,194,464 and RE40,187 and other patents pending.
This document may not, in whole or in part, be copied, photocopied, reproduced, translated, or reduced to any electronic medium or machine-
readable form without prior consent in writing from Forcepoint LLC.
Every effort has been made to ensure the accuracy of this manual. However, Forcepoint LLC, makes no warranties with respect to this
documentation and disclaims any implied warranties of merchantability and fitness for a particular purpose. Forcepoint LLC, shall not be liable for
any error or for incidental or consequential damages in connection with the furnishing, performance, or use of this manual or the examples herein.
The information in this documentation is subject to change without notice.
Trademarks
Forcepoint™ is a trademark and TRITON is a trademark of Forcepoint LLC, in the United States and certain international markets. Forcepoint has
numerous other unregistered trademarks in the United States and internationally. All other trademarks are the property of their respective owners.
Microsoft, Windows, Windows NT, Windows Server, and Active Directory are either registered trademarks or trademarks of Microsoft Corporation
in the United States and/or other countries.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Mozilla and Firefox are registered trademarks of the Mozilla Foundation in the United States and/or other countries.
eDirectory and Novell Directory Services are a registered trademarks of Novell, Inc., in the U.S and other countries.
Adobe, Acrobat, and Acrobat Reader are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or
other countries.
Red Hat is a registered trademark of Red Hat, Inc., in the United States and other countries. Linux is a trademark of Linus Torvalds, in the United
States and other countries.
This product includes software distributed by the Apache Software Foundation (http://www.apache.org).
Copyright (c) 2000. The Apache Software Foundation. All rights reserved.
Other product names mentioned in this manual may be trademarks or registered trademarks of their respective companies and are the sole property
of their respective manufacturers.
© 2017 Forcepoint LLC.
Forcepoint X Series™
Switch Configuration
In this guide:
●Switch basics, page 2
●Assigning switch I/O modules an IP address, page 5
●Configuring VLAN and switch high availability, page 15
●X10G switch configuration tool, page 20
●Installing a new switch, page 23
X Series v8.4.x: Switch Configuration 2
Switch basics
X Series appliances come with two Dell PowerConnect M6220 switches. When used
with the X10G™, each switch supports two 10Gb SFP+ ports.
Support is provided for VLAN, with optional switch high availability (A1/A2). See
Configuring VLAN and switch high availability, page 15.
The switch ports used and their specific configuration are determined by the network
type.
A Microsoft Windows hosted switch configuration tool is provided to simplify the
switch configuration process.
VLAN and switch high availability
The X10G integrated 10Gb switches (A1 and A2) can be configured for both VLAN
and switch high availability (HA).
Support for VLANs requires:
●A connection to an external upstream switch with one or two 10Gb trunk ports.
●A 10Gb cable to a 10Gb port on the A1 switch.
●Configuration of both switch A1 and A2 using the X Series switch configuration
tool. Optionally, the switches can be configured manually by a knowledgeable
administrator.
●Configuration of VLAN support on the blades.
X Series v8.4.x: Switch Configuration 3
●Configuration of the STP priority on the upstream switch, X10G switches, and
blades.
Support for switch HA requires:
●Configuration of VLAN support on the blades.
●Connection of a 10Gb trunk port on both the A1 and A2 switches on the X10G
chassis to one or more upstream switches.
●Configuration of the A1 and A2 switches, performed with the X Series switch
configuration tool. Optionally, the switches can be configured manually by a
knowledgeable administrator.
In the switch HA configuration, any one switch can be removed from service at any
time for maintenance.
It is a best practice to verify that network traffic is flowing to your blade servers as
expected, and if switch HA is configured, that failover works as expected.
X Series v8.4.x: Switch Configuration 4
Default switch configuration
Switches A1 and A2 arrive with the following default configuration:
Switch A1
P1 Te1/2/1 Enabled
10 gigabit
1518 maximum frame size (configurable)
Full duplex
Auto negotiation disabled
Flow control disabled
P1 Te1/2/2 Disabled
10 gigabit
1518 maximum frame size (configurable)
Full duplex
Auto negotiation disabled
Flow control disabled
Other ports are not supported.
Switch A2
P2 Te1/2/1 Enabled
10 gigabit
1518 maximum frame size (configurable)
Full duplex
Auto negotiation disabled
Flow control disabled
P2 Te1/2/2 Disabled
10 gigabit
1518 maximum frame size (configurable)
Full duplex
Auto negotiation disabled
Flow control disabled
Other ports are not supported.
X Series v8.4.x: Switch Configuration 5
Accessing a switch
To access switch A1 or A2:
1. Log on to the CMC, go to I/O Module Overview, and click the Launch IOM
GUI button for switch A1 or switch A2.
If the button isn’t available, it’s because an IP address has not been configured.
See Assigning switch I/O modules an IP address, page 5.
2. A logon window displays. Log on. The Dell default credentials are: Username
‘root’, password ‘calvin’. Change these to comply with your organization’s
security policies.
The switch home screen shows the status of all ports on the switch. A green port is
up (enabled), a blue port is down (disabled).
3. Click on a port to go to its configuration page.
Proceed with your desired configuration changes.
For additional guides for the X10G Chassis and Security Blades, please visit the
X10G support page.
Assigning switch I/O modules an IP address
Switches A1 and A2 are accessed through the Chassis Management Controller
(CMC). Before they can be accessed, each must be assigned an IP address. To assign
an IP address:
X Series v8.4.x: Switch Configuration 6
1. Log on to the CMC and go to Chassis Overview > I/O Module Overview >
A1 Gigabit Ethernet (or A2).
2. Click the Setup tab.
3. For each of A1 and A2, uncheck DHCP Enabled, and enter an IP address, subnet
mask, and gateway. The IP addresses must be unique.
4. Click Apply. It takes a minute or 2 for the settings to be applied.
X Series v8.4.x: Switch Configuration 7
IMPORTANT: The GUI may initially indicate that the settings reverted to the
previous values. Wait 2 or 3 minutes for the configuration action to complete and
then refresh the page.
To access a switch, go to Chassis Overview > I/O Module Overview and click the
Launch IOM GUI button corresponding to the switch you want to access.
Enabling and disabling ports
Enabling and disabling ports should not be necessary if you plan to use the provided
switch configuration tool to configure the switches.
To enable or disable a port:
1. Log on to the CMC, go to I/O Module Overview, and click the Launch IOM
GUI button for switch A1 or A2.
If the button isn’t available, it’s because an IP address has not been configured.
See the preceding section.
2. A logon window displays. Log on.
X Series v8.4.x: Switch Configuration 8
The home screen shows the status of all ports on the switch. A green port is up
(enabled), a blue port is down (disabled).
3. To enable or disable a port, click on the green or blue area of the port. This opens
the Port Configuration: Detail page.
a. Confirm that the Port selection is correct. Change to another port if desired.
b. Add a description if desired.
c. Select Enable or Disable from the Admin Status drop down. This determines
if the port is enabled or disabled.
d. Examine and adjust other settings as needed and click Apply.
IMPORTANT: The UI may initially indicate that the settings reverted to the
previous values. Wait 2 or 3 minutes for the configuration action to complete
and then refresh the page.
Indice
