R21xx-HP FlexFabric 11900 Security Configuration Guide
206
configuring AAA user group attributes, 20
configuring ACL for IPsec, 156
configuring ARP active acknowledgement, 129
configuring ARP automatic scanning, 135
configuring ARP detection, 131
c o n f ig u ri n g A R P f i l t e ri n g , 137, 138
configuring ARP gateway protection, 136
configuring ARP packet rate limit, 125
configuring ARP packet source MAC
consistency check, 129
configuring ARP packet validity check, 132
configuring ARP restricted forwarding, 133
configuring ARP source MAC-based attack
d e te ct i o n, 126, 127
configuring ARP source suppression, 124
configuring ARP user validity check, 131
configuring ARP user/packet validity check, 133
configuring authorized ARP configuration, 129
configuring authorized ARP configuration
(DHCP relay agent), 130
configuring device as SCP client, 90
configuring DF bit of IPsec packets, 168
configuring FIPS, 144
configuring FIPS (automatic reboot), 148
configuring FIPS (manual reboot), 149
configuring fixed ARP, 135
configuring HWTACACS server SSH user AAA,
43
configuring IKE DPD, 185
configuring IKE global ID, 183
configuring IKE keepalive, 184
configuring IKE keychain, 182
configuring IKE NAT keepalive, 184
configuring IKE profile, 179
configuring IKE proposal, 181
configuring IKE-based IPsec policy, 161
configuring IKE-based IPsec tunnel for IPv4
packets, 172
configuring IP source guard, 114
configuring IPsec anti-replay, 166
configuring IPsec transform set, 157
configuring IPv4 dynamic source guard with
DHCP relay, 121
configuring IPv4 dynamic source guard with
DHCP snooping, 120
configuring IPv4 source guard, 115
configuring IPv4 source guard static entry on
interface, 116
configuring IPv4 static source guard, 118
configuring IPv6 source guard, 116
configuring IPv6 source guard static entry on
interface, 117
configuring IPv6 static source guard, 122
configuring LDAP administrator attributes, 37
configuring LDAP server IP address, 36
configuring LDAP server SSH user authentication,
50
configuring LDAP user attributes, 37
configuring main mode IKE, 187
configuring manual IPsec policy, 159
configuring manual IPsec tunnel for IPv4 packets,
169
configuring number limit for IKE SAs, 186
configuring password control, 60, 64
configuring public peer key, 71
configuring RADIUS accounting-on feature, 28
configuring RADIUS security policy server IP
address, 29
configuring RADIUS server SSH user
authentication+authorization, 46
configuring SCP file transfer with password
authentication, 110
configuring SFTP client publickey authentication,
107