Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048T-ON

Configuration Task List for Privilege Levels.............................................................................................................748

RADIUS...............................................................................................................................................................................752

RADIUS Authentication.............................................................................................................................................. 752

Configuration Task List for RADIUS..........................................................................................................................753

Support for Change of Authorization and Disconnect Messages packets..........................................................756

TACACS+...........................................................................................................................................................................765

Configuration Task List for TACACS+......................................................................................................................765

TACACS+ Remote Authentication............................................................................................................................766

Command Authorization............................................................................................................................................. 767

Protection from TCP Tiny and Overlapping Fragment Attacks..................................................................................768

Enabling SCP and SSH..................................................................................................................................................... 768

Using SCP with SSH to Copy a Software Image.................................................................................................... 768

Removing the RSA Host Keys and Zeroizing Storage ...........................................................................................769

Configuring When to Re-generate an SSH Key .....................................................................................................769

Configuring the SSH Server Key Exchange Algorithm...........................................................................................770

Configuring the HMAC Algorithm for the SSH Server...........................................................................................770

Configuring the SSH Server Cipher List....................................................................................................................771

Configuring DNS in the SSH Server.......................................................................................................................... 771

Secure Shell Authentication....................................................................................................................................... 772

Troubleshooting SSH.................................................................................................................................................. 774

Telnet.................................................................................................................................................................................. 774

VTY Line and Access-Class Configuration..................................................................................................................... 774

VTY Line Local Authentication and Authorization...................................................................................................775

VTY Line Remote Authentication and Authorization.............................................................................................. 775

VTY MAC-SA Filter Support...................................................................................................................................... 775

Role-Based Access Control..............................................................................................................................................776

Overview of RBAC...................................................................................................................................................... 776

User Roles.....................................................................................................................................................................778

AAA Authentication and Authorization for Roles..................................................................................................... 781

Role Accounting...........................................................................................................................................................783

Display Information About User Roles.......................................................................................................................784

Two Factor Authentication (2FA)...................................................................................................................................785

Handling Access-Challenge Message....................................................................................................................... 785

Configuring Challenge Response Authentication for SSHv2.................................................................................785

SMS-OTP Mechanism................................................................................................................................................786

Configuring the System to Drop Certain ICMP Reply Messages............................................................................... 786

Dell EMC Networking OS Security Hardening...............................................................................................................788

Dell EMC Networking OS Image Verification...........................................................................................................788

Startup Configuration Verification............................................................................................................................ 789

Configuring the root User Password........................................................................................................................ 790

Locking Access to GRUB Interface.......................................................................................................................... 790

Enabling User Lockout for Failed Login Attempts................................................................................................... 791

50 Service Provider Bridging........................................................................................................792

VLAN Stacking...................................................................................................................................................................792

Configure VLAN Stacking...........................................................................................................................................793

Creating Access and Trunk Ports..............................................................................................................................794

Enable VLAN-Stacking for a VLAN...........................................................................................................................794

Configuring the Protocol Type Value for the Outer VLAN Tag............................................................................ 795

Configuring Dell EMC Networking OS Options for Trunk Ports........................................................................... 795

Contents