Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsNetworking S3100 Series

Protection from TCP Tiny and Overlapping Fragment Attacks............................................................................... 794

Enabling SCP and SSH..................................................................................................................................................794

Using SCP with SSH to Copy a Software Image................................................................................................ 795

Removing the RSA Host Keys and Zeroizing Storage ........................................................................................796

Conguring When to Re-generate an SSH Key ..................................................................................................796

Conguring the SSH Server Key Exchange Algorithm........................................................................................797

Conguring the HMAC Algorithm for the SSH Server........................................................................................797

Conguring the SSH Server Cipher List............................................................................................................... 798

Conguring DNS in the SSH Server......................................................................................................................798

Secure Shell Authentication................................................................................................................................... 799

Troubleshooting SSH............................................................................................................................................... 801

Telnet............................................................................................................................................................................... 801

VTY Line and Access-Class Conguration................................................................................................................. 802

VTY Line Local Authentication and Authorization............................................................................................... 802

VTY Line Remote Authentication and Authorization...........................................................................................803

VTY MAC-SA Filter Support.................................................................................................................................. 803

Role-Based Access Control..........................................................................................................................................803

Overview of RBAC.................................................................................................................................................. 804

User Roles................................................................................................................................................................ 806

AAA Authentication and Authorization for Roles................................................................................................ 809

Role Accounting........................................................................................................................................................812

Display Information About User Roles....................................................................................................................813

Two Factor Authentication (2FA).................................................................................................................................814

Handling Access-Challenge Message....................................................................................................................814

Conguring Challenge Response Authentication for SSHv2..............................................................................814

SMS-OTP Mechanism.............................................................................................................................................815

Conguring the System to Drop Certain ICMP Reply Messages.............................................................................815

Dell EMC Networking OS Security Hardening............................................................................................................817

Dell EMC Networking OS Image Verication........................................................................................................817

Startup Conguration Verication..........................................................................................................................818

Conguring the root User Password......................................................................................................................819

Enabling User Lockout for Failed Login Attempts............................................................................................... 820

49 Service Provider Bridging.........................................................................................................................821

VLAN Stacking................................................................................................................................................................821

Important Points to Remember..............................................................................................................................822

Congure VLAN Stacking.......................................................................................................................................822

Creating Access and Trunk Ports.......................................................................................................................... 823

Enable VLAN-Stacking for a VLAN....................................................................................................................... 824

Conguring the Protocol Type Value for the Outer VLAN Tag.......................................................................... 824

Conguring Dell EMC Networking OS Options for Trunk Ports........................................................................ 824

Debugging VLAN Stacking.....................................................................................................................................825

VLAN Stacking in Multi-Vendor Networks...........................................................................................................826

VLAN Stacking Packet Drop Precedence.................................................................................................................. 830

Enabling Drop Eligibility........................................................................................................................................... 830

Honoring the Incoming DEI Value...........................................................................................................................831

Contents