Concept Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

Protocol Overview......................................................................................................................................................... 884

Conguring Rapid Spanning Tree................................................................................................................................ 884

Related Conguration Tasks...................................................................................................................................884

Important Points to Remember................................................................................................................................... 884

RSTP and VLT..........................................................................................................................................................885

Conguring Interfaces for Layer 2 Mode....................................................................................................................885

Enabling Rapid Spanning Tree Protocol Globally........................................................................................................886

Adding and Removing Interfaces.................................................................................................................................888

Modifying Global Parameters....................................................................................................................................... 888

Enabling SNMP Traps for Root Elections and Topology Changes.....................................................................889

Modifying Interface Parameters.................................................................................................................................. 890

Inuencing RSTP Root Selection.................................................................................................................................890

Conguring an EdgePort............................................................................................................................................... 891

Conguring Fast Hellos for Link State Detection....................................................................................................... 891

50 Security...................................................................................................................................................893

Role-Based Access Control..........................................................................................................................................893

Overview of RBAC.................................................................................................................................................. 893

User Roles................................................................................................................................................................ 896

AAA Authentication and Authorization for Roles................................................................................................ 899

Role Accounting.......................................................................................................................................................902

Display Information About User Roles...................................................................................................................903

AAA Accounting.............................................................................................................................................................904

Conguration Task List for AAA Accounting........................................................................................................904

AAA Authentication.......................................................................................................................................................906

Conguration Task List for AAA Authentication.................................................................................................. 906

AAA Authorization..........................................................................................................................................................910

Privilege Levels Overview........................................................................................................................................910

Conguration Task List for Privilege Levels...........................................................................................................910

RADIUS............................................................................................................................................................................915

RADIUS Authentication and Authorization........................................................................................................... 915

Conguration Task List for RADIUS....................................................................................................................... 916

Support for Change of Authorization and Disconnect Messages packets...................................................... 920

TACACS+........................................................................................................................................................................929

Conguration Task List for TACACS+...................................................................................................................929

TACACS+ Remote Authentication and Authorization..........................................................................................931

Command Authorization.........................................................................................................................................932

Protection from TCP Tiny and Overlapping Fragment Attacks............................................................................... 932

Enabling SCP and SSH................................................................................................................................................. 932

Using SCP with SSH to Copy a Software Image................................................................................................ 933

Removing the RSA Host Keys and Zeroizing Storage ....................................................................................... 934

Conguring When to Re-generate an SSH Key ..................................................................................................934

Conguring the SSH Server Cipher List...............................................................................................................935

Conguring DNS in the SSH Server..................................................................................................................... 935

Conguring the HMAC Algorithm for the SSH Server.......................................................................................936

Conguring the HMAC Algorithm for the SSH Client.........................................................................................936

Contents