Users Guide

Obscuring Passwords and Keys .......... 699
AAA Authorization .......... 699
Privilege Levels Overview .......... 699
Configuration Task List for Privilege Levels .......... 700
RADIUS .......... 704
RADIUS Authentication .......... 704
Configuration Task List for RADIUS .......... 705
TACACS+ .......... 709
Configuration Task List for TACACS+ .......... 709
TACACS+ Remote Authentication .......... 710
Command Authorization .......... 711
Protection from TCP Tiny and Overlapping Fragment Attacks .......... 712
Enabling SCP and SSH .......... 712
Using SCP with SSH to Copy a Software Image .......... 713
Removing the RSA Host Keys and Zeroizing Storage .......... 714
Configuring When to Re-generate an SSH Key .......... 714
Configuring the SSH Server Key Exchange Algorithm .......... 714
Configuring the HMAC Algorithm for the SSH Server .......... 715
Configuring the HMAC Algorithm for the SSH Client .......... 715
Configuring the SSH Server Cipher List .......... 716
Configuring the SSH Client Cipher List .......... 717
Secure Shell Authentication .......... 717
Troubleshooting SSH .......... 720
Telnet .......... 720
VTY Line and Access-Class Configuration .......... 720
VTY Line Local Authentication and Authorization .......... 721
VTY Line Remote Authentication and Authorization .......... 721
VTY MAC-SA Filter Support .......... 722
Role-Based Access Control .......... 722
Overview of RBAC .......... 723
User Roles .......... 725
AAA Authentication and Authorization for Roles .......... 728
Role Accounting .......... 731
Display Information About User Roles .......... 731
Two Factor Authentication (2FA) .......... 733
Handling Access-Challenge Message .......... 733
Configuring Challenge Response Authentication for SSHv2 .......... 733
SMS-OTP Mechanism .......... 734
Configuring the System to Drop Certain ICMP Reply Messages .......... 734
45 Service Provider Bridging .......... 736
VLAN Stacking .......... 736
Important Points to Remember .......... 737
Configure VLAN Stacking .......... 737
Creating Access and Trunk Ports .......... 738
Enable VLAN-Stacking for a VLAN .......... 739
Contents