Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

Privilege Levels Overview.......................................................................................................................................... 805

Configuration Task List for Privilege Levels.............................................................................................................805

RADIUS...............................................................................................................................................................................809

RADIUS Authentication and Authorization.............................................................................................................. 809

Configuration Task List for RADIUS.......................................................................................................................... 810

Support for Change of Authorization and Disconnect Messages packets...........................................................813

TACACS+...........................................................................................................................................................................822

Configuration Task List for TACACS+......................................................................................................................822

TACACS+ Remote Authentication and Authorization............................................................................................823

Command Authorization.............................................................................................................................................824

Protection from TCP Tiny and Overlapping Fragment Attacks..................................................................................825

Enabling SCP and SSH.....................................................................................................................................................825

Using SCP with SSH to Copy a Software Image....................................................................................................826

Removing the RSA Host Keys and Zeroizing Storage .......................................................................................... 826

Configuring When to Re-generate an SSH Key ..................................................................................................... 827

Configuring the SSH Server Cipher List...................................................................................................................827

Configuring DNS in the SSH Server......................................................................................................................... 827

Configuring the HMAC Algorithm for the SSH Server...........................................................................................828

Configuring the HMAC Algorithm for the SSH Client............................................................................................ 828

Configuring the SSH Server Cipher List...................................................................................................................829

Configuring the SSH Client Cipher List.................................................................................................................... 829

Secure Shell Authentication.......................................................................................................................................829

Troubleshooting SSH...................................................................................................................................................831

Telnet..................................................................................................................................................................................832

VTY Line and Access-Class Configuration.....................................................................................................................832

VTY Line Local Authentication and Authorization...................................................................................................832

VTY Line Remote Authentication and Authorization.............................................................................................. 833

VTY MAC-SA Filter Support...................................................................................................................................... 833

Two Factor Authentication (2FA)...................................................................................................................................833

Handling Access-Challenge Message....................................................................................................................... 834

Configuring Challenge Response Authentication for SSHv2.................................................................................834

SMS-OTP Mechanism................................................................................................................................................834

Configuring the System to Drop Certain ICMP Reply Messages............................................................................... 835

Dell EMC Networking OS Security Hardening.............................................................................................................. 836

Startup Configuration Verification............................................................................................................................ 836

Configuring the root User Password........................................................................................................................ 837

Enabling User Lockout for Failed Login Attempts...................................................................................................837

51 Service Provider Bridging........................................................................................................ 839

VLAN Stacking.................................................................................................................................................................. 839

Configure VLAN Stacking.......................................................................................................................................... 840

Creating Access and Trunk Ports.............................................................................................................................. 841

Enable VLAN-Stacking for a VLAN............................................................................................................................841

Configuring the Protocol Type Value for the Outer VLAN Tag............................................................................ 842

Configuring Options for Trunk Ports........................................................................................................................ 842

Debugging VLAN Stacking.........................................................................................................................................843

VLAN Stacking in Multi-Vendor Networks.............................................................................................................. 843

VLAN Stacking Packet Drop Precedence......................................................................................................................846

Enabling Drop Eligibility...............................................................................................................................................846

Honoring the Incoming DEI Value..............................................................................................................................847

Contents