Web Management Guide-R05
Table Of Contents
- How to Use This Guide
- Contents
- Figures
- Tables
- Getting Started
- Web Configuration
- Using the Web Interface
- Basic Management Tasks
- Displaying System Information
- Displaying Hardware/Software Versions
- Configuring Support for Jumbo Frames
- Displaying Bridge Extension Capabilities
- Managing System Files
- Setting the System Clock
- Configuring the Console Port
- Configuring Telnet Settings
- Displaying CPU Utilization
- Configuring CPU Guard
- Displaying Memory Utilization
- Resetting the System
- Using Cloud Management
- Interface Configuration
- VLAN Configuration
- Address Table Settings
- Spanning Tree Algorithm
- Congestion Control
- Class of Service
- Quality of Service
- VoIP Traffic Configuration
- Security Measures
- AAA (Authentication, Authorization and Accounting)
- Configuring User Accounts
- Web Authentication
- Network Access (MAC Address Authentication)
- Configuring HTTPS
- Configuring the Secure Shell
- Access Control Lists
- Filtering IP Addresses for Management Access
- Configuring Port Security
- Configuring 802.1X Port Authentication
- DoS Protection
- DHCP Snooping
- IPv4 Source Guard
- ARP Inspection
- Basic Administration Protocols
- Configuring Event Logging
- Link Layer Discovery Protocol
- Simple Network Management Protocol
- Configuring Global Settings for SNMP
- Setting the Local Engine ID
- Specifying a Remote Engine ID
- Setting SNMPv3 Views
- Configuring SNMPv3 Groups
- Setting Community Access Strings
- Configuring Local SNMPv3 Users
- Configuring Remote SNMPv3 Users
- Specifying Trap Managers
- Creating SNMP Notification Logs
- Showing SNMP Statistics
- Remote Monitoring
- Switch Clustering
- Setting a Time Range
- LBD Configuration
- Smart Pair Configuration
- Multicast Filtering
- Overview
- Layer 2 IGMP (Snooping and Query for IPv4)
- Configuring IGMP Snooping and Query Parameters
- Specifying Static Interfaces for a Multicast Router
- Assigning Interfaces to Multicast Services
- Setting IGMP Snooping Status per Interface
- Filtering IGMP Query Packets and Multicast Data
- Displaying Multicast Groups Discovered by IGMP Snooping
- Displaying IGMP Snooping Statistics
- Filtering and Throttling IGMP Groups
- MLD Snooping (Snooping and Query for IPv6)
- Filtering and Throttling MLD Groups
- Filtering MLD Query Packets on an Interface
- IP Tools
- IP Configuration
- General IP Routing
- Unicast Routing
- Overview
- Configuring the Routing Information Protocol
- Configuring General Protocol Settings
- Clearing Entries from the Routing Table
- Specifying Network Interfaces
- Specifying Passive Interfaces
- Specifying Static Neighbors
- Configuring Route Redistribution
- Specifying an Administrative Distance
- Configuring Network Interfaces for RIP
- Displaying RIP Interface Settings
- Displaying Peer Router Information
- Resetting RIP Statistics
- IP Services
- Appendices
- Glossary
- Index
Chapter 12
| Security Measures
Configuring the Secure Shell
– 274 –
the signature is correct. If both checks succeed, the client is
authenticated.
Note:
The SSH server supports up to eight client sessions. The maximum number
of client sessions includes both current Telnet sessions and SSH sessions.
Note:
The SSH server can be accessed using any configured IPv4 or IPv6 interface
address on the switch.
Configuring the
SSH Server
Use the Security > SSH (Configure Global) page to enable the SSH server and
configure basic settings for authentication.
Note:
You must generate RSA host keys before enabling the SSH server. See
“Generating the Host Key Pair” on page 275.
Parameters
These parameters are displayed:
◆ SSH Server Status – Allows you to enable/disable the SSH server on the switch.
(Default: Disabled)
◆ Version – The Secure Shell version number. Version 2.0 is displayed and the
switch supports management access only from SSH Version 2.0 clients.
◆ Authentication Timeout – Specifies the time interval in seconds that the SSH
server waits for a response from a client during an authentication attempt.
(Range: 1-120 seconds; Default: 120 seconds)
◆ Authentication Retries – Specifies the number of authentication attempts
that a client is allowed before authentication fails and the client has to restart
the authentication process. (Range: 1-5 times; Default: 3)
Web Interface
To configure the SSH server:
1. Click Security, SSH.
2. Select Configure Global from the Step list.
3. Enable the SSH server.
4. Adjust the authentication parameters as required.
5. Click Apply.