Controlling user access ·············································································································································· 37

FIPS compliance ····························································································································································· 38

Controlling Telnet/SSH logins ······································································································································ 38

Configuration procedures ····································································································································· 38

Configuration example ········································································································································· 38

Controlling SNMP access·············································································································································· 39

Configuration procedure ······································································································································ 39

Configuring command authorization ··························································································································· 41

Configuring RBAC ······················································································································································ 44

Overview ········································································································································································· 44

Permission assignment ·········································································································································· 44

Assigning user roles ·············································································································································· 46

Configuration task list ···················································································································································· 47

Creating user roles ························································································································································· 47

Configuring user role rules ············································································································································ 47

Configuring feature groups ··········································································································································· 48

Changing resource access policies ······························································································································ 49

Changing the interface policy of a user role ······································································································ 49

Changing the VLAN policy of a user role ·········································································································· 49

Enabling the default user role function ················································································································ 50

Assigning user roles to remote AAA authentication users ················································································ 50

Assigning user roles to local AAA authentication users ···················································································· 50

Assigning user roles to non-AAA authentication users on user lines ······························································· 51

Configuring temporary user role authorization ·········································································································· 51

Configuration guidelines ······································································································································ 51

Configuring user role authentication ··················································································································· 53

Obtaining temporary user role authorization ···································································································· 53

Displaying RBAC settings ·············································································································································· 53

RBAC configuration examples ······································································································································ 54

RBAC configuration example for local AAA authentication users ··································································· 54

RBAC configuration example for RADIUS authentication users ······································································· 55

RBAC configuration example for HWTACACS authentication users ······························································ 58

Troubleshooting RBAC ··················································································································································· 62

Local users have more access permissions than intended ················································································ 62

Login attempts by RADIUS users always fail ······································································································ 63

Configuring FTP ·························································································································································· 64

Using the device as an FTP server ································································································································ 64

Configuring basic parameters ····························································································································· 65

Configuring authentication and authorization ··································································································· 65

Manually releasing FTP connections ··················································································································· 66

Displaying and maintaining the FTP server ········································································································ 66

FTP server configuration example in standalone mode ····················································································· 66

FTP server configuration example in IRF mode ·································································································· 68

Using the device as an FTP client ································································································································· 69

Establishing an FTP connection ···························································································································· 69

Managing directories on the FTP server ············································································································· 70

Working with files on the FTP server ··················································································································· 70

Table of Contents

HP FlexFabric 7900 Series Configuration Manual page 4

Troubleshooting

Related Manuals for HP FlexFabric 7900 Series

Related Products for HP FlexFabric 7900 Series

Table of Contents