Users Guide
Configuration Task List for AAA Accounting ... 741
RADIUS Accounting ... 743
AAA Authentication ... 748
Configuration Task List for AAA Authentication ... 748
Obscuring Passwords and Keys ... 751
AAA Authorization ... 751
Privilege Levels Overview ... 752
Configuration Task List for Privilege Levels ... 752
RADIUS ... 756
RADIUS Authentication ... 756
Configuration Task List for RADIUS ... 757
TACACS+ ... 760
Configuration Task List for TACACS+ ... 760
TACACS+ Remote Authentication ... 761
Command Authorization ... 762
Protection from TCP Tiny and Overlapping Fragment Attacks ... 763
Enabling SCP and SSH ... 763
Using SCP with SSH to Copy a Software Image ... 764
Removing the RSA Host Keys and Zeroizing Storage ... 764
Configuring When to Re-generate an SSH Key ... 765
Configuring the SSH Server Key Exchange Algorithm ... 765
Configuring the HMAC Algorithm for the SSH Server ... 766
Configuring the HMAC Algorithm for the SSH Client ... 766
Configuring the SSH Server Cipher List ... 767
Configuring the SSH Client Cipher List ... 767
Secure Shell Authentication ... 768
Troubleshooting SSH ... 770
Telnet ... 770
VTY Line and Access-Class Configuration ... 770
VTY Line Local Authentication and Authorization ... 771
VTY Line Remote Authentication and Authorization ... 771
VTY MAC-SA Filter Support ... 772
Role-Based Access Control ... 772
Overview of RBAC ... 773
User Roles ... 775
AAA Authentication and Authorization for Roles ... 778
Role Accounting ... 780
Display Information About User Roles ... 781
Two Factor Authentication (2FA) ... 782
Handling Access-Challenge Message ... 782
Configuring Challenge Response Authentication for SSHv2 ... 783
SMS-OTP Mechanism ... 783
Configuring the System to Drop Certain ICMP Reply Messages ... 783
SSH Lockout Settings ... 785
Chapter 47: Service Provider Bridging ... 786
VLAN Stacking ... 786
Configure VLAN Stacking ... 787
Creating Access and Trunk Ports ... 788
Enable VLAN-Stacking for a VLAN ... 788