Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

Conguring Fast Hellos for Link State Detection...................................................................................................... 866

49 Security...................................................................................................................................................868

Role-Based Access Control..........................................................................................................................................868

Overview of RBAC.................................................................................................................................................. 868

User Roles..................................................................................................................................................................871

AAA Authentication and Authorization for Roles................................................................................................. 874

Role Accounting....................................................................................................................................................... 877

Display Information About User Roles................................................................................................................... 878

AAA Accounting.............................................................................................................................................................879

Conguration Task List for AAA Accounting........................................................................................................ 879

AAA Authentication........................................................................................................................................................881

Conguration Task List for AAA Authentication...................................................................................................881

AAA Authorization.........................................................................................................................................................885

Privilege Levels Overview.......................................................................................................................................885

Conguration Task List for Privilege Levels..........................................................................................................885

RADIUS...........................................................................................................................................................................890

RADIUS Authentication and Authorization...........................................................................................................890

Conguration Task List for RADIUS....................................................................................................................... 891

TACACS+........................................................................................................................................................................895

Conguration Task List for TACACS+...................................................................................................................895

TACACS+ Remote Authentication and Authorization.........................................................................................896

Command Authorization.........................................................................................................................................898

Protection from TCP Tiny and Overlapping Fragment Attacks............................................................................... 898

Enabling SCP and SSH................................................................................................................................................. 898

Using SCP with SSH to Copy a Software Image................................................................................................ 899

Removing the RSA Host Keys and Zeroizing Storage ....................................................................................... 900

Conguring When to Re-generate an SSH Key ................................................................................................. 900

Conguring the SSH Server Cipher List...............................................................................................................900

Conguring the HMAC Algorithm for the SSH Server........................................................................................901

Conguring the HMAC Algorithm for the SSH Client.........................................................................................902

Conguring the SSH Server Cipher List...............................................................................................................902

Conguring the SSH Client Cipher List................................................................................................................ 903

Secure Shell Authentication................................................................................................................................... 903

Troubleshooting SSH...............................................................................................................................................906

Telnet...............................................................................................................................................................................906

VTY Line and Access-Class Conguration................................................................................................................. 906

VTY Line Local Authentication and Authorization............................................................................................... 907

VTY Line Remote Authentication and Authorization...........................................................................................907

VTY MAC-SA Filter Support.................................................................................................................................. 908

Two Factor Authentication (2FA)................................................................................................................................908

Handling Access-Challenge Message...................................................................................................................908

Conguring Challenge Response Authentication for SSHv2............................................................................. 909

SMS-OTP Mechanism............................................................................................................................................909

Conguring the System to Drop Certain ICMP Reply Messages............................................................................909

Contents