Users Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

Conguring Fast Hellos for Link State Detection...................................................................................................... 862

49 Security...................................................................................................................................................864

Role-Based Access Control..........................................................................................................................................864

Overview of RBAC.................................................................................................................................................. 864

User Roles.................................................................................................................................................................867

AAA Authentication and Authorization for Roles.................................................................................................870

Role Accounting....................................................................................................................................................... 873

Display Information About User Roles................................................................................................................... 874

AAA Accounting.............................................................................................................................................................875

Conguration Task List for AAA Accounting........................................................................................................ 875

AAA Authentication....................................................................................................................................................... 877

Conguration Task List for AAA Authentication...................................................................................................877

AAA Authorization..........................................................................................................................................................881

Privilege Levels Overview........................................................................................................................................881

Conguration Task List for Privilege Levels...........................................................................................................881

RADIUS........................................................................................................................................................................... 886

RADIUS Authentication and Authorization...........................................................................................................886

Conguration Task List for RADIUS.......................................................................................................................887

TACACS+........................................................................................................................................................................ 891

Conguration Task List for TACACS+....................................................................................................................891

TACACS+ Remote Authentication and Authorization.........................................................................................892

Command Authorization.........................................................................................................................................894

Protection from TCP Tiny and Overlapping Fragment Attacks............................................................................... 894

Enabling SCP and SSH................................................................................................................................................. 894

Using SCP with SSH to Copy a Software Image................................................................................................ 895

Removing the RSA Host Keys and Zeroizing Storage ....................................................................................... 896

Conguring When to Re-generate an SSH Key ..................................................................................................896

Conguring the SSH Server Cipher List...............................................................................................................896

Conguring the HMAC Algorithm for the SSH Server....................................................................................... 897

Conguring the HMAC Algorithm for the SSH Client.........................................................................................898

Conguring the SSH Server Cipher List...............................................................................................................898

Conguring the SSH Client Cipher List................................................................................................................ 899

Secure Shell Authentication................................................................................................................................... 899

Troubleshooting SSH...............................................................................................................................................902

Telnet...............................................................................................................................................................................902

VTY Line and Access-Class Conguration................................................................................................................. 902

VTY Line Local Authentication and Authorization...............................................................................................903

VTY Line Remote Authentication and Authorization...........................................................................................903

VTY MAC-SA Filter Support.................................................................................................................................. 904

Two Factor Authentication (2FA)................................................................................................................................904

Handling Access-Challenge Message...................................................................................................................904

Conguring Challenge Response Authentication for SSHv2.............................................................................905

SMS-OTP Mechanism............................................................................................................................................905

Conguring the System to Drop Certain ICMP Reply Messages............................................................................905

Contents