Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

Privilege Levels Overview.......................................................................................................................................850

Configuration Task List for Privilege Levels........................................................................................................851

RADIUS..............................................................................................................................................................................854

RADIUS Authentication and Authorization......................................................................................................... 855

Configuration Task List for RADIUS.....................................................................................................................856

Support for Change of Authorization and Disconnect Messages packets................................................. 859

TACACS+..........................................................................................................................................................................869

Configuration Task List for TACACS+.................................................................................................................869

TACACS+ Remote Authentication and Authorization.......................................................................................871

Command Authorization.......................................................................................................................................... 872

Protection from TCP Tiny and Overlapping Fragment Attacks...........................................................................872

Enabling SCP and SSH...................................................................................................................................................872

Using SCP with SSH to Copy a Software Image...............................................................................................873

Removing the RSA Host Keys and Zeroizing Storage .................................................................................... 874

Configuring When to Re-generate an SSH Key ................................................................................................874

Configuring the SSH Server Cipher List..............................................................................................................874

Configuring DNS in the SSH Server..................................................................................................................... 875

Configuring the HMAC Algorithm for the SSH Server.................................................................................... 875

Configuring the HMAC Algorithm for the SSH Client......................................................................................876

Configuring the SSH Server Cipher List..............................................................................................................876

Configuring the SSH Client Cipher List................................................................................................................877

Secure Shell Authentication....................................................................................................................................877

Troubleshooting SSH................................................................................................................................................879

Telnet.................................................................................................................................................................................880

VTY Line and Access-Class Configuration................................................................................................................880

VTY Line Local Authentication and Authorization.............................................................................................880

VTY Line Remote Authentication and Authorization.........................................................................................881

VTY MAC-SA Filter Support................................................................................................................................... 881

Two Factor Authentication (2FA)...............................................................................................................................882

Handling Access-Challenge Message...................................................................................................................882

Configuring Challenge Response Authentication for SSHv2..........................................................................882

SMS-OTP Mechanism............................................................................................................................................. 883

Configuring the System to Drop Certain ICMP Reply Messages........................................................................883

Dell EMC Networking OS Security Hardening......................................................................................................... 884

Startup Configuration Verification........................................................................................................................884

Configuring the root User Password....................................................................................................................885

Enabling User Lockout for Failed Login Attempts............................................................................................ 886

Chapter 51: Service Provider Bridging....................................................................................... 887

VLAN Stacking.................................................................................................................................................................887

Configure VLAN Stacking....................................................................................................................................... 889

Creating Access and Trunk Ports......................................................................................................................... 889

Enable VLAN-Stacking for a VLAN.......................................................................................................................890

Configuring the Protocol Type Value for the Outer VLAN Tag.....................................................................890

Configuring Options for Trunk Ports....................................................................................................................890

Debugging VLAN Stacking...................................................................................................................................... 891

VLAN Stacking in Multi-Vendor Networks.......................................................................................................... 891

VLAN Stacking Packet Drop Precedence.................................................................................................................894

Enabling Drop Eligibility............................................................................................................................................894

Honoring the Incoming DEI Value......................................................................................................................... 895

Contents