Reference Guide
Display Information About User Roles................................................................................................................. 660
AAA Accounting............................................................................................................................................................... 661
Configuration Task List for AAA Accounting...................................................................................................... 661
AAA Authentication........................................................................................................................................................ 663
Configuration Task List for AAA Authentication............................................................................................... 663
Obscuring Passwords and Keys.................................................................................................................................. 665
AAA Authorization.......................................................................................................................................................... 665
Privilege Levels Overview.......................................................................................................................................666
Configuration Task List for Privilege Levels.......................................................................................................666
RADIUS..............................................................................................................................................................................670
RADIUS Authentication and Authorization......................................................................................................... 670
Configuration Task List for RADIUS......................................................................................................................671
TACACS+.......................................................................................................................................................................... 673
Configuration Task List for TACACS+................................................................................................................. 673
TACACS+ Remote Authentication and Authorization......................................................................................675
Command Authorization.......................................................................................................................................... 676
Protection from TCP Tiny and Overlapping Fragment Attacks...........................................................................676
Enabling SCP and SSH.................................................................................................................................................. 676
Using SCP with SSH to Copy a Software Image...............................................................................................677
Removing the RSA Host Keys and Zeroizing Storage .................................................................................... 678
Configuring When to Re-generate an SSH Key ............................................................................................... 678
Configuring the SSH Server Cipher List..............................................................................................................678
Configuring the HMAC Algorithm for the SSH Server.................................................................................... 679
Configuring the SSH Server Cipher List..............................................................................................................679
Secure Shell Authentication................................................................................................................................... 680
Troubleshooting SSH............................................................................................................................................... 682
Telnet................................................................................................................................................................................. 682
VTY Line and Access-Class Configuration................................................................................................................683
VTY Line Local Authentication and Authorization.............................................................................................683
VTY Line Remote Authentication and Authorization........................................................................................684
VTY MAC-SA Filter Support...................................................................................................................................684
Chapter 48: Service Provider Bridging.......................................................................................685
VLAN Stacking................................................................................................................................................................ 685
Configure VLAN Stacking....................................................................................................................................... 686
Creating Access and Trunk Ports......................................................................................................................... 687
Enable VLAN-Stacking for a VLAN.......................................................................................................................687
Configuring the Protocol Type Value for the Outer VLAN Tag.....................................................................688
Configuring Options for Trunk Ports....................................................................................................................688
Debugging VLAN Stacking......................................................................................................................................689
VLAN Stacking in Multi-Vendor Networks......................................................................................................... 689
VLAN Stacking Packet Drop Precedence.................................................................................................................692
Enabling Drop Eligibility............................................................................................................................................692
Honoring the Incoming DEI Value..........................................................................................................................693
Marking Egress Packets with a DEI Value.......................................................................................................... 693
Dynamic Mode CoS for VLAN Stacking.................................................................................................................... 694
Mapping C-Tag to S-Tag dot1p Values............................................................................................................... 695
Layer 2 Protocol Tunneling...........................................................................................................................................696
Enabling Layer 2 Protocol Tunneling.................................................................................................................... 697
Specifying a Destination MAC Address for BPDUs.......................................................................................... 698
Contents
21