Table Of Contents - HP FlexFabric 5930 Series Security Configuration Manual
Hide thumbs
Also See for FlexFabric 5930 Series:
- Configuration manuals (467 pages) ,
- Command reference manual (87 pages) ,
- Installation manual (73 pages)
Table of Contents
Advertisement
Contents
Configuring AAA ························································································································································· 1
Overview ············································································································································································ 1
RADIUS ······································································································································································ 2
HWTACACS ····························································································································································· 7
AAA implementation on the device ························································································································ 9
AAA for MPLS L3VPNs ········································································································································· 11
Protocols and standards ······································································································································· 11
RADIUS attributes ·················································································································································· 11
AAA configuration considerations and task list ·········································································································· 14
Configuring AAA schemes ············································································································································ 15
Configuring local users ········································································································································· 16
Configuring RADIUS schemes ······························································································································ 20
Configuring HWTACACS schemes ····················································································································· 28
Configuring AAA methods for ISP domains ················································································································ 34
Configuration prerequisites ·································································································································· 35
Creating an ISP domain ······································································································································· 35
Configuring ISP domain attributes ······················································································································· 35
Configuring authentication methods for an ISP domain ··················································································· 36
Configuring authorization methods for an ISP domain ····················································································· 37
Configuring accounting methods for an ISP domain ························································································· 38
Enabling the session-control feature ····························································································································· 39
Setting the maximum number of concurrent login users ···························································································· 39
Displaying and maintaining AAA ································································································································ 39
AAA for SSH users by an HWTACACS server ··········································································································· 39
Network requirements ··········································································································································· 39
Configuration procedure ······································································································································ 40
Verifying the configuration ··································································································································· 41
Local authentication, HWTACACS authorization, and RADIUS accounting for SSH users ··································· 41
Network requirements ··········································································································································· 41
Configuration procedure ······································································································································ 42
Verifying the configuration ··································································································································· 43
Authentication and authorization for SSH users by a RADIUS server ······································································ 43
Network requirements ··········································································································································· 43
Configuration procedure ······································································································································ 43
Verifying the configuration ··································································································································· 46
Troubleshooting RADIUS ··············································································································································· 46
RADIUS authentication failure ······························································································································ 46
RADIUS packet delivery failure ···························································································································· 47
RADIUS accounting error ····································································································································· 47
Troubleshooting HWTACACS ······································································································································ 48
Configuring password control ··································································································································· 49
Overview ········································································································································································· 49
Password setting ···················································································································································· 49
Password updating and expiration ····················································································································· 50
User login control ·················································································································································· 51
Password not displayed in any form ··················································································································· 51
Logging ··································································································································································· 51
Password control configuration task list ······················································································································· 52
i
Advertisement
Table of Contents
Troubleshooting
