Alcatel OmniSwitch/Router Guía de usuario Pagina 279
- Pagina / 346
- Tabla de contenidos
- SOLUCIÓN DE PROBLEMAS
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Managing Switch Security Setting Up Management Interfaces for ASA
OmniSwitch 6250/6450 Switch Management Guide May 2012 page 10-9
Setting Up Management Interfaces for ASA
By default, authenticated access is available through the console port. Access through other management
interfaces is disabled. Other management interfaces include Telnet, FTP, HTTP, Secure Shell, and SNMP.
This chapter describes how to set up access for management interfaces. For more details about particular
management interfaces and how they are used, see Chapter 2, “Logging Into the Switch.”
To give switch access to management interfaces, use the aaa authentication command to allow or deny
access to each interface type; the default keyword can be used to configure access for all interface types.
Specify the server(s) to be used for authentication through the indicated management interface.
Keywords used for specifying management interfaces are listed here:
ssh is the keyword used to specify Secure Shell.
To specify an external authentication server or servers, use the RADIUS or LDAP server name or the
keyword ace for an ACE/Server. To specify that the local user database must be used for authentication,
use the local keyword. Up to four servers can be specified.
RADIUS and LDAP servers are set up to communicate with the switch via the aaa radius-server and
aaa tacacs+-server commands. ACE/Servers do not require any configuration, but you must FTP the
sdconf.rec file from the server to the switch’s network directory. For more information about configur-
ing the switch to communicate with these servers, see the “Managing Authentication Servers” chapter of
the OmniSwitch 6250/6450 Network Configuration Guide.
Note. RADIUS or LDAP servers used for authenticated switch access can also be used with authenticated
VLANs. Authenticated VLANs are described in the “Configuring Authenticated VLANs” chapter of the
OmniSwitch 6250/6450 Network Configuration Guide.
The order of the specified servers is important. The switch uses only one server for authentication—the
first available server in the list. All authentication attempts will be tried on that server. Other servers are
not tried, even if they are available. If local is specified, it must be last in the list since the local user data-
base is always available when the switch is up.
Servers can also be used for accounting, or logging, of authenticated sessions. See “Configuring Account-
ing for ASA” on page 10-12.
The following table describes the management access interfaces or methods and the types of authentica-
tion servers that can be used with them:
keywords
console
telnet
ftp
http
ssh
snmp
default
Server Type Management Access Method
RADIUS Telnet, FTP, HTTP, Secure Shell
LDAP Telnet, FTP, HTTP, Secure Shell, SNMP
ACE/Server Telnet, FTP, HTTP, Secure Shell
local console, FTP, HTTP, Secure Shell, SNMP
- OmniSwitch 6250/6450 1
- Switch Management Guide 1
- Contents 10
- About This Guide 13
- Who Should Read this Manual? 14
- What is in this Manual? 14
- What is Not in this Manual? 15
- Documentation Roadmap 16
- Related Documentation 18
- User Manual CD 20
- Technical Support 20
- 1 Managing System Files 21
- File Transfer 23
- Switch Directories 24
- File and Directory Management 25
- Using Wildcards 27
- Directory Commands 28
- Changing Directories 29
- Displaying Directory Contents 30
- Making a New Directory 31
- Copying an Existing Directory 32
- File Commands 34
- Secure Copy an Existing File 35
- Delete an Existing File 36
- Managing Files on Switches 37
- Utility Commands 38
- Using Secure Shell FTP 43
- Using TFTP to Transfer Files 45
- Using Zmodem 45
- Directories on the Switch 47
- Available Image Files 48
- Verifying Directory Contents 55
- Installing Software Licenses 56
- Licensed Features 57
- Setting the System Clock 59
- Enabling DST 62
- 2 Logging Into the Switch 65
- Login Specifications 67
- Login Defaults 67
- Management Interfaces 70
- User Accounts 71
- Using Telnet 72
- Using FTP 74
- Secure Shell Interface 77
- Secure Shell Authentication 79
- Connection Phase 80
- Modifying the Login Banner 85
- Configuring Login Parameters 87
- Enabling the DNS Resolver 88
- Verifying Login Settings 89
- 3 Using SNMP 91
- SNMP Specifications 92
- SNMP Defaults 92
- Using SNMP SNMP Defaults 93
- Management Station 94
- Filtering by Trap Families 95
- Filtering by Individual Traps 96
- SNMP Overview 97
- SNMP Versions 98
- Using SNMP SNMP Overview 99
- Configuring Community Strings 100
- Setting SNMP Security 102
- Working with SNMP Traps 103
- Authentication Trap 104
- Trap Management 104
- SNMP MIB Information 105
- Industry Standard MIBs 106
- Enterprise (Proprietary) MIBs 110
- 4 Configuring Network Time 115
- Protocol (NTP) 115
- NTP Specifications 116
- NTP Defaults Table 116
- NTP Quick Steps 117
- NTP Overview 119
- Using NTP in a Network 120
- Authentication 122
- Configuring NTP 123
- NTP Servers 124
- Setting the Version Number 125
- Marking a Server as Preferred 125
- Using Authentication 126
- Verifying NTP Configuration 127
- 5 Managing CMM 129
- Directory Content 129
- CMM Specifications 130
- CMM Files 131
- Software Rollback Feature 132
- Redundancy 137
- (Non-Redundant) 141
- Scheduling a Reboot 142
- Cancelling a Scheduled Reboot 142
- -> show reload 143
- -> show reload status 143
- Working Certified 144
- Primary CMM 144
- -> write memory 145
- Cancelling a Rollback Timeout 148
- -> copy working certified 150
- -> copy certified working 150
- Show Switch Files 152
- Rebooting the Switch 153
- -> copy flash-synchro 156
- -> takeover 157
- Using the USB Flash Drive 160
- Disaster Recovery Using USB 161
- Displaying CMM Conditions 163
- 6 Using the CLI 165
- CLI Specifications 166
- CLI Overview 167
- Text Conventions 168
- Using “Show” Commands 169
- Using the “No” Form 169
- Using “Alias” Commands 169
- Partial Keyword Completion 170
- Command Help 171
- Debug UPDATE, SHOW, NO, DEBUG 172
- Command Set Name Commands 172
- CLI Services 175
- Inserting Characters 176
- Syntax Checking 177
- Prefix Recognition 177
- Show Prefix 178
- Command History 179
- Enabling Command Logging 181
- Disabling Command Logging 181
- Changing the Screen Size 183
- Changing the CLI Prompt 183
- Displaying Table Information 184
- Filtering Table Information 185
- Multiple User Sessions 186
- Terminating Another Session 188
- Application Example 189
- Verifying CLI Usage 191
- 7 Working With 193
- Configuration Files 193
- Configuration Files Overview 198
- Cancelling a Timed Session 199
- Setting the Error File Limit 200
- Displaying a Text File 201
- Text Editing on the Switch 201
- Snapshot Feature List 202
- User-Defined Naming Options 203
- Editing Snapshot Files 203
- Example Snapshot File Text 204
- Verifying File Configuration 206
- 8 Managing Automatic 207
- Remote Configuration 207
- Download 207
- • Pathname: 255 characters 208
- • Filename: 63 characters 208
- Overview 211
- Network Components 212
- LED Status 213
- UDP/DHCP Relay 214
- Process Illustration 216
- Additional Process Notes 217
- Download Component Files 218
- Instruction File Syntax 219
- Firmware Upgrade Files 220
- Bootup Configuration File 220
- Debug Configuration File 221
- Script File 221
- Aggregate Association 222
- Nearest-Edge Mode Operation 226
- Access Switch 227
- Zero Touch License Upgrade 228
- Troubleshooting 229
- Script File Errors 230
- Error Description Table 231
- 9 Managing Switch User 233
- Accounts 233
- User Database Specifications 234
- User Account Defaults 234
- Overview of User Accounts 236
- “Managing Switch Security.” 237
- Startup Defaults 238
- Default User Settings 241
- How User Settings Are Saved 243
- Creating a User 244
- Removing a User 245
- User-Configured Password 246
- 4 Enter the password again 247
- Default Password Expiration 252
- -> user password-history 2 253
- -> user password-history 0 253
- -> user password-min-age 7 254
- -> user lockout-window 30 255
- -> user lockout j_smith 258
- -> user unlock j_smith 258
- -> user thomas no snmp 263
- Setting Up End-User Profiles 264
- Creating End-User Profiles 265
- 10 Managing Switch Security 271
- Switch Security Defaults 272
- Switch Security Overview 273
- Authenticated Switch Access 274
- ASA and Authenticated VLANs 275
- Enabling Switch Access 280
- Using Secure Shell 281
- 11 Using WebView 285
- WebView CLI Defaults 286
- Browser Setup 286
- WebView CLI Commands 287
- Enabling/Disabling SSL 288
- Changing the HTTPS Port 288
- WebView Overview 289
- Toolbar 290
- View/Configuration Area 291
- A Software License and 293
- Copyright Statements 293
- C. Linux 297
- E. University of California 302
- G.Random.c 302
- H. Apptitude, Inc 303
- I. Agranat 303
- J. RSA Security Inc 303
- K. Sun Microsystems, Inc 304
- L. Wind River Systems, Inc 304
- N.Remote-ni 305
- O.GNU Zip 305
- Q.Boost C++ Libraries 306
- R. U-Boot 306
- S. Solaris 306
- U. CURSES 307
- V. Z M o d e m 307
- W.Boost Software License 307
- X. OpenLDAP 307
- Y. B IT M A P.C 308
- Z. University of Toronto 308
- AA.Free/OpenBSD 308
- B SNMP Trap Information 309
- SNMP Traps Table 310
- alaPimGroup 327
Relacionado con productos y manuales para Redes Alcatel OmniSwitch/Router
Redes Alcatel OS6400-48 Manual de usuario
(8 paginas)
(8 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.254 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales