Administrator Guide
Configuration Task List for AAA Accounting ... 696
AAA Authentication ... 698
Configuration Task List for AAA Authentication ... 699
Obscuring Passwords and Keys ... 702
AAA Authorization ... 702
Privilege Levels Overview ... 702
Configuration Task List for Privilege Levels ... 703
RADIUS ... 707
RADIUS Authentication ... 707
Configuration Task List for RADIUS ... 708
TACACS+ ... 712
Configuration Task List for TACACS+ ... 712
TACACS+ Remote Authentication ... 713
Command Authorization ... 715
Protection from TCP Tiny and Overlapping Fragment Attacks ... 715
Enabling SCP and SSH ... 715
Using SCP with SSH to Copy a Software Image ... 716
Removing the RSA Host Keys and Zeroizing Storage ... 717
Configuring When to Re-generate an SSH Key ... 717
Configuring the SSH Server Key Exchange Algorithm ... 718
Configuring the HMAC Algorithm for the SSH Server ... 718
Configuring the HMAC Algorithm for the SSH Client ... 719
Configuring the SSH Server Cipher List ... 719
Configuring the SSH Client Cipher List ... 720
Secure Shell Authentication ... 720
Troubleshooting SSH ... 723
Telnet ... 723
VTY Line and Access-Class Configuration ... 723
VTY Line Local Authentication and Authorization ... 724
VTY Line Remote Authentication and Authorization ... 724
VTY MAC-SA Filter Support ... 725
Role-Based Access Control ... 725
Overview of RBAC ... 726
User Roles ... 728
AAA Authentication and Authorization for Roles ... 731
Role Accounting ... 734
Display Information About User Roles ... 734
Two Factor Authentication (2FA) ... 736
Handling Access-Challenge Message ... 736
Configuring Challenge Response Authentication for SSHv2 ... 736
SMS-OTP Mechanism ... 737
Configuring the System to Drop Certain ICMP Reply Messages ... 737
45 Service Provider Bridging ... 739
VLAN Stacking ... 739
Important Points to Remember ... 740
Contents