Cisco Gigabit Ethernet Switch Module for HP p-Class BladeSystem Software Configuration Guide
Contents
vii
Cisco Gigabit Ethernet Switch Module for HP p-Class BladeSystem Software Configuration Guide
380261-003
Configuring Kerberos 5-35
Configuring the Switch for Local Authentication and Authorization 5-36
Configuring the Switch for Secure Shell 5-37
Understanding SSH 5-38
SSH Servers, Integrated Clients, and Supported Versions 5-38
Limitations 5-39
Configuring SSH 5-39
Configuration Guidelines 5-39
Setting Up the Switch to Run SSH 5-39
Configuring the SSH Server 5-40
Displaying the SSH Configuration and Status 5-41
Configuring the Switch for Secure Socket Layer HTTP 5-42
Understanding Secure HTTP Servers and Clients 5-42
Certificate Authority Trustpoints 5-42
CipherSuites 5-44
Configuring Secure HTTP Servers and Clients 5-44
Default SSL Configuration 5-44
SSL Configuration Guidelines 5-45
Configuring a CA Trustpoint 5-45
Configuring the Secure HTTP Server 5-46
Configuring the Secure HTTP Client 5-47
Displaying Secure HTTP Server and Client Status 5-48
Configuring the Switch for Secure Copy Protocol 5-48
Information About Secure Copy 5-49
CHAPTER
6 Configuring IEEE 802.1x Port-Based Authentication 6-1
Understanding IEEE 802.1x Port-Based Authentication 6-1
Device Roles 6-2
Authentication Process 6-3
Authentication Initiation and Message Exchange 6-5
Ports in Authorized and Unauthorized States 6-7
IEEE 802.1x Host Mode 6-8
IEEE 802.1x Accounting 6-9
IEEE 802.1x Accounting Attribute-Value Pairs 6-9
Using IEEE 802.1x Authentication with VLAN Assignment 6-10
Using IEEE 802.1x Authentication with Per-User ACLs 6-11
Using IEEE 802.1x Authentication with Guest VLAN 6-12
Using IEEE 802.1x Authentication with Restricted VLAN 6-13
Using IEEE 802.1x Authentication with Inaccessible Authentication Bypass 6-14