R21xx-HP FlexFabric 11900 Security Configuration Guide
204
password control enable, 60
password control global parameters, 61
password control local user parameters, 62
password control user group parameters, 62
SFTP server function enable, 80
SSH client host public key configuration, 81
SSH client user interface configuration, 81
SSH management parameters, 83
SSH server configuration, 79
SSH server function enable, 80
SSH SFTP client device configuration, 86
SSH SFTP client source IP address/interface, 87
SSH SFTP server connection establishment, 87
SSH Stelnet client device configuration, 84
SSH Stelnet client source IP address/interface,
84
SSH Stelnet server connection establishment, 85
SSH user configuration, 82
super password control parameters, 63
uRPF application, 142
uRPF check modes, 139
uRPF work flow, 139
network management
AAA configuration, 1, 16
ARP attack protection configuration, 123
differences between HWTACACS and RADIUS,
7
entering peer public key, 72
HWTACACS server SSH user AAA, 43
IP source guard configuration, 113 , 114
IPv4 source guard dynamic configuration with
DHCP relay, 121
IPv4 source guard dynamic configuration with
DHCP snooping, 120
IPv6 source guard static configuration, 122
LDAP server SSH user authentication, 50
password control configuration, 57, 60, 64
public key import from file, 74
public key management, 67
RADIUS server SSH user
authentication+authorization, 46
SSH configuration, 77
SSH user local authentication+HWTACACS
authorization+RADIUS accounting, 45
u R P F c o n fi g u r a t i o n , 139, 142, 143
no
AAA no accounting method, 11
AAA no authentication method, 11
AAA no authorization method, 11
packet
ARP active acknowledgement, 129
ARP attack protection configuration, 123
A R P fi l t e r i n g c o n f i g u r a t i o n , 137, 13 8
ARP packet rate limit configuration, 125
ARP packet source MAC consistency check, 129
ARP packet validity check, 132
ARP user/packet validity check, 133
HWTACACS packet exchange process, 7
IP attack protection (unresolvable), 123
LDAP packet exchange process, 10
outgoing RADIUS packet source IP address, 26
RADIUS packet exchange process, 3
RADIUS packet format, 4
u R P F c o n fi g u r a t i o n , 139, 142, 143
packet filtering
IP source guard configuration, 113 , 114
IP source guard dynamic binding entries, 114
IP source guard static binding entries, 113
IPv4 source guard dynamic configuration with
DHCP relay, 121
IPv4 source guard dynamic configuration with
DHCP snooping, 120
IPv4 source guard static configuration, 118
IPv6 source guard static configuration, 122