Service Manual

ManualsBrandsDell ManualsAccess PlatformsOS9

Support for Change of Authorization and Disconnect Messages packets..................................................776

TACACS+..........................................................................................................................................................................786

Configuration Task List for TACACS+................................................................................................................. 786

TACACS+ Remote Authentication........................................................................................................................788

Command Authorization..........................................................................................................................................789

Protection from TCP Tiny and Overlapping Fragment Attacks...........................................................................789

Enabling SCP and SSH.................................................................................................................................................. 789

Using SCP with SSH to Copy a Software Image.............................................................................................. 790

Removing the RSA Host Keys and Zeroizing Storage ..................................................................................... 791

Configuring When to Re-generate an SSH Key ................................................................................................ 791

Configuring the SSH Server Key Exchange Algorithm..................................................................................... 791

Configuring the HMAC Algorithm for the SSH Server.................................................................................... 792

Configuring the SSH Server Cipher List..............................................................................................................792

Configuring DNS in the SSH Server..................................................................................................................... 793

Secure Shell Authentication................................................................................................................................... 793

Troubleshooting SSH................................................................................................................................................796

Telnet................................................................................................................................................................................. 796

VTY Line and Access-Class Configuration................................................................................................................796

VTY Line Local Authentication and Authorization.............................................................................................796

VTY Line Remote Authentication and Authorization........................................................................................ 797

VTY MAC-SA Filter Support...................................................................................................................................797

Role-Based Access Control.......................................................................................................................................... 798

Overview of RBAC....................................................................................................................................................798

User Roles...................................................................................................................................................................800

AAA Authentication and Authorization for Roles.............................................................................................. 803

Role Accounting........................................................................................................................................................ 806

Display Information About User Roles..................................................................................................................807

Two Factor Authentication (2FA).............................................................................................................................. 808

Handling Access-Challenge Message...................................................................................................................808

Configuring Challenge Response Authentication for SSHv2......................................................................... 808

SMS-OTP Mechanism............................................................................................................................................. 809

Configuring the System to Drop Certain ICMP Reply Messages........................................................................809

SSH Lockout Settings.................................................................................................................................................... 810

Dell EMC Networking OS Security Hardening...........................................................................................................811

Dell EMC Networking OS Image Verification.......................................................................................................811

Startup Configuration Verification.........................................................................................................................812

Configuring the root User Password.....................................................................................................................813

Locking Access to GRUB Interface.......................................................................................................................813

Enabling User Lockout for Failed Login Attempts............................................................................................. 814

Chapter 48: Service Provider Bridging....................................................................................... 815

VLAN Stacking................................................................................................................................................................. 815

Configure VLAN Stacking........................................................................................................................................ 816

Creating Access and Trunk Ports.......................................................................................................................... 817

Enable VLAN-Stacking for a VLAN........................................................................................................................817

Configuring the Protocol Type Value for the Outer VLAN Tag......................................................................818

Configuring Dell EMC Networking OS Options for Trunk Ports.................................................................... 818

Debugging VLAN Stacking...................................................................................................................................... 819

VLAN Stacking in Multi-Vendor Networks.......................................................................................................... 819

VLAN Stacking Packet Drop Precedence.................................................................................................................822

Contents