Setup Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048-ON

Support for Change of Authorization and Disconnect Messages packets...................................................... 882

TACACS+........................................................................................................................................................................893

Conguration Task List for TACACS+................................................................................................................... 893

TACACS+ Remote Authentication........................................................................................................................ 895

Command Authorization.........................................................................................................................................896

Protection from TCP Tiny and Overlapping Fragment Attacks...............................................................................896

Enabling SCP and SSH................................................................................................................................................. 896

Using SCP with SSH to Copy a Software Image.................................................................................................897

Removing the RSA Host Keys and Zeroizing Storage ....................................................................................... 898

Conguring When to Re-generate an SSH Key ..................................................................................................898

Conguring the SSH Server Key Exchange Algorithm.......................................................................................899

Conguring the HMAC Algorithm for the SSH Server.......................................................................................899

Conguring the HMAC Algorithm for the SSH Client........................................................................................ 900

Conguring the SSH Server Cipher List................................................................................................................901

Conguring the SSH Client Cipher List................................................................................................................. 901

Conguring DNS in the SSH Server..................................................................................................................... 902

Secure Shell Authentication................................................................................................................................... 902

Troubleshooting SSH...............................................................................................................................................905

Telnet...............................................................................................................................................................................905

VTY Line and Access-Class Conguration.................................................................................................................905

VTY Line Local Authentication and Authorization...............................................................................................905

VTY Line Remote Authentication and Authorization.......................................................................................... 906

VTY MAC-SA Filter Support.................................................................................................................................. 906

Role-Based Access Control..........................................................................................................................................907

Overview of RBAC...................................................................................................................................................907

User Roles................................................................................................................................................................. 910

AAA Authentication and Authorization for Roles................................................................................................. 913

Role Accounting........................................................................................................................................................916

Display Information About User Roles................................................................................................................... 916

Two Factor Authentication (2FA).................................................................................................................................918

Handling Access-Challenge Message....................................................................................................................918

Conguring Challenge Response Authentication for SSHv2..............................................................................918

SMS-OTP Mechanism.............................................................................................................................................919

Conguring the System to Drop Certain ICMP Reply Messages.............................................................................919

Dell EMC Networking OS Security Hardening............................................................................................................921

Dell EMC Networking OS Image Verication........................................................................................................921

Startup Conguration Verication.........................................................................................................................922

Conguring the root User Password..................................................................................................................... 923

Locking Access to GRUB Interface....................................................................................................................... 924

Enabling User Lockout for Failed Login Attempts................................................................................................924

51 Service Provider Bridging.........................................................................................................................925

VLAN Stacking...............................................................................................................................................................925

Important Points to Remember............................................................................................................................. 926

Congure VLAN Stacking.......................................................................................................................................926

Creating Access and Trunk Ports...........................................................................................................................927

Contents