Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsNetworking S3100 Series

Configure RADIUS attributes 8, 87 and 168............................................................................................................. 691

RADIUS-assigned dynamic access control lists....................................................................................................... 691

Support for Change of Authorization and Disconnect Messages packets..........................................................696

TACACS+...........................................................................................................................................................................705

Configuration Task List for TACACS+......................................................................................................................705

TACACS+ Remote Authentication............................................................................................................................707

Command Authorization.............................................................................................................................................708

Protection from TCP Tiny and Overlapping Fragment Attacks..................................................................................708

Enabling SCP and SSH..................................................................................................................................................... 708

Using SCP with SSH to Copy a Software Image....................................................................................................709

Removing the RSA Host Keys and Zeroizing Storage ........................................................................................... 710

Configuring When to Re-generate an SSH Key ......................................................................................................710

Configuring the SSH Server Key Exchange Algorithm............................................................................................710

Configuring the HMAC Algorithm for the SSH Server............................................................................................ 711

Configuring the SSH Server Cipher List.................................................................................................................... 711

Configuring DNS in the SSH Server...........................................................................................................................711

Secure Shell Authentication........................................................................................................................................712

Troubleshooting SSH................................................................................................................................................... 714

Telnet...................................................................................................................................................................................714

VTY Line and Access-Class Configuration......................................................................................................................714

VTY Line Local Authentication and Authorization....................................................................................................715

VTY Line Remote Authentication and Authorization...............................................................................................715

VTY MAC-SA Filter Support.......................................................................................................................................716

Role-Based Access Control.............................................................................................................................................. 716

Overview of RBAC.......................................................................................................................................................716

User Roles..................................................................................................................................................................... 718

AAA Authentication and Authorization for Roles..................................................................................................... 721

Role Accounting...........................................................................................................................................................724

Display Information About User Roles.......................................................................................................................724

Two Factor Authentication (2FA)...................................................................................................................................725

Handling Access-Challenge Message....................................................................................................................... 726

Configuring Challenge Response Authentication for SSHv2.................................................................................726

SMS-OTP Mechanism................................................................................................................................................726

Configuring the System to Drop Certain ICMP Reply Messages................................................................................727

Dell EMC Networking OS Security Hardening...............................................................................................................728

Dell EMC Networking OS Image Verification...........................................................................................................728

Startup Configuration Verification............................................................................................................................ 729

Configuring the root User Password........................................................................................................................ 730

Enabling User Lockout for Failed Login Attempts...................................................................................................730

49 Service Provider Bridging........................................................................................................ 732

VLAN Stacking...................................................................................................................................................................732

Configure VLAN Stacking...........................................................................................................................................733

Creating Access and Trunk Ports..............................................................................................................................734

Enable VLAN-Stacking for a VLAN...........................................................................................................................734

Configuring the Protocol Type Value for the Outer VLAN Tag.............................................................................735

Configuring Dell EMC Networking OS Options for Trunk Ports........................................................................... 735

Debugging VLAN Stacking.........................................................................................................................................736

VLAN Stacking in Multi-Vendor Networks...............................................................................................................736

VLAN Stacking Packet Drop Precedence......................................................................................................................740

Contents