The port General tab provides general information about the selected port, and
also lets you view and change various port configuration settings.
To access the tab, select the port in the left-panel Network Elements tab,
then select the General tab in the right panel.
|
Click the graphic for more information.
|
General
- Name
- Name of the port, constructed of the name or IP address
of the device and either the port
index number or the port interface name.
- Index
- The index value assigned to the port interface.
- Interface Name
- A description of the port.
- Port Type
- Type of port. Possible values include: Access, CDP, CDP FTM 1
Backplane, FTM 1 Backplane, and Logical.
- Port Speed
- Speed of the port. Possible values include: 10/100, speed in megabits per
second (for example, 800.0 Mbps), Unknown (displayed for logical ports).
- Frozen (Prevents Port Modifications)
- Enables you to freeze (check) the port or clear (uncheck) the frozen
status on the port. Freezing a port "locks" it so that no one can
accidentally reconfigure sensitive attributes such as port authentication or
default role settings, or terminate sessions that are authenticated on the
port. See How to Freeze/Unfreeze
a Port for more information.
- TCI Overwrite
- Enable or disable TCI Overwrite functionality for the port. (This option
will be grayed out if the device on which the port is located does not
support TCI Overwrite.) Enabling TCI Overwrite causes the VLAN or class of service tag in a
received packet to be
overwritten by the VLAN (access control) and class of service characteristics
defined in the port's current or default role. If there is no role assigned to
the port, the port uses any static classification rules which exist. If there
are no static rules, the port uses the PVID and default class of service for the
port. TCI Overwrite is required for Tagged Packet
VLAN to Role Mapping, and can be
enabled either here on a per-port basis, or for an individual role in the role's
General tab.
Role Status
Displays the default and current role on the port, and lets you select a new default
role. The default role is the role assigned to the port if no other role has
been authenticated on it. The current role is the role currently active on the
port (either the default role or the currently logged-in and authenticated
user's role). If the port was not assigned a role when the end user logged in
(authenticated), or if authentication is disabled on a port, then the port's
default role will take effect. If you set a default role for the port, it is recommended that you
enable the Drop VLAN Tagged Frames feature.
- Default Role
- See
Default Role in the Concepts topic for
information on default roles. Click the Select
button to change the default role. For additional information, see
Port Mode.
- Current Role
- Displays the role currently active on the port. This current role is
either the role assigned to the port when an end user logs in
(authenticates), or it is the default role on the port. For ports on devices
that support multiple end users, refer to the
Port Usage tab, where you can see current role information for each end user login (authentication) session on the port.
- Select
- Click Select to select a new default role for the port. This
opens the Selection View (Roles) where you can select an existing role or
click New to launch the
Role Wizard and create a new role. Select the Clear the current
default role option to set the default role back to <None>.
Drop VLAN Tagged Frames
When the Drop VLAN Tagged Frames feature is enabled, any packet already tagged
with a VLAN coming into the port will be dropped. This provides extra security in that it prevents users from, for example, coming in
with a card capable of VLAN tagging and attempting to access the network. In most cases, you would enable this feature on user ports because you don't
want users to be tagging their own traffic, and you would disable it on interswitch link ports, where you want tagged packets to be accepted.
It is recommended that you enable the Drop VLAN Tagged Frames feature when you set a default role on a port
or when you enable authentication on a port, because these things indicate that
the port is a user port that should not be transmitting tagged packets. You can enable Drop VLAN Tagged
Frames for a single port here on the port's General tab, or on multiple ports simultaneously using the Port Configuration
Wizard. If the device does not support Drop VLAN Tagged Frames, this section
is grayed out.
| |
WARNING: |
Enabling this feature on a CDP or Backplane
port is likely to result in loss of contact with devices connected through the port.
|
- Drop VLAN Tagged Frames
- Lets you enable or disable the Drop VLAN Tagged Frames feature on this port.
Disabled Traffic Classification
Types
You can disable specific
classification rule types on an individual port as a way to disable
policy-assignment rules used in VLAN to Role Mapping, IP to Role Mapping, MAC to
Role Mapping, and Role Override. For example, you can disable the VLAN ID traffic classification type to disable
Tagged Packet VLAN to Role Mapping on the port. You can also disable all traffic
classification types, which effectively turns off policy on the port.
Use this area to create a list of rule types that will be disabled on the port.
- Add
- Opens the Traffic Classification Type wizard where you can select the
traffic classification type you want to disable on the port and add it to
the list.
- Add All
- Adds all traffic classification types to the list. This would disable
all traffic classification on the port, and the role's default class of service and/or default access control would take effect.
- Remove
- Removes the selected traffic classification type from the list.
- Apply
- Applies the list of disabled traffic classification types to the port.
For information on related concepts:
For information on related tasks:
For information on related windows: