R21xx-HP FlexFabric 11900 Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP FlexFabric 11000 Switch Products

197

LDAP user attributes, 37

main mode IKE, 187

manual IPsec policy, 159

manual IPsec tunnel for IPv4 packets, 169

mirror image ACLs for IPsec, 157

number limit for IKE SAs, 186

password control, 57, 60, 64

public peer key, 71

RADIUS accounting-on feature, 28

RADIUS security policy server IP address, 29

RADIUS server SSH user

authentication+authorization, 46

SCP file with password authentication, 110

SFTP client publickey authentication, 107

SFTP server password authentication, 105

SSH, 77

SSH client host public key, 81

SSH client user interface, 81

SSH device as server, 79

SSH device as SFTP client, 86

SSH device as Stelnet client, 84

SSH user, 82

SSH user local authentication+HWTACACS

authorization+RADIUS accounting, 45

Stelnet client password authentication, 100

Stelnet client publickey authentication, 103

Stelnet server password authentication, 92

Stelnet server publickey authentication, 94

u R P F, 139, 142, 143

consistency check (ARP attack protection), 129

creating

AAA ISP domain, 39

HWTACACS scheme, 30

LDAP scheme, 38

LDAP server, 35

local key pair, 67

RADIUS scheme, 22

DDoS attack (uRPF), 139

destroying

local key pair, 70

device

password control configuration, 57, 60, 64

password control enable, 60

password control global parameters, 61

password control local user parameters, 62

password control user group parameters, 62

password setting, 57

SFTP server function enable, 80

SSH client user interface configuration, 81

SSH server configuration, 79

SSH server function enable, 80

SSH SFTP client configuration, 86

SSH Stelnet client configuration, 84

SSH Stelnet server connection establishment, 85

super password control parameters, 63

uRPF configuration, 143

DH algorithm (IKE), 178

DH group (IKE), 181

DHCP

authorized ARP (relay agent), 130

IP source guard dynamic binding entries, 114

IPv4 source guard dynamic configuration with

DHCP relay, 121

IPv4 source guard dynamic configuration with

DHCP snooping, 120

directory

LDAP directory service, 9

SFTP, 88

displaying

AAA, 43

AAA local users/local user groups, 21

ARP detection, 133