HP 10500 Series Configuration Manual page 344

client
802.1X architecture, 72
802.1X authentication client timeout timer, 89
802.1X configuration, 80, 85, 98
as authentication initiator (802.1X), 75
configuring device as SSH SCP client, 215
configuring device as SSH SFTP client, 212
configuring SSH client's host public key, 205
configuring SSH client's host public key manually,
205
configuring SSH device as Stelnet client, 208
configuring SSH user interface, 204
enabling RADIUS client service, 31
importing SSH client public key from file, 206
portal authentication, 125
portal system components, 124
RADIUS model, 2
specifying source IP address/interface for SSH
SFTP client, 212
specifying source IP address/interface for SSH
Stelnet client, 209
switch as SFTP publickey authentication client
configuration, 231
switch as Stelnet password authentication client
configuration, 224
switch as Stelnet publickey authentication client
configuration, 227
transferring files with an SCP client, 216
verifying 802.1X configuration, 100
comparing EAP relay and termination authentication
modes (802.1X), 76
conditional self-test
continuous random number generator test, 295
pair-wise consistency test, 295
configuring
802.1X, 80, 85, 98
802.1X ACL assignment, 103
802.1X authentication trigger function, 91
802.1X Auth-Fail VLAN, 95
802.1X critical VLAN, 96
802.1X guest VLAN, 94, 101
802.1X online user handshake function, 89
802.1X quiet timer, 92
802.1X VLAN assignment, 101
AAA, 1, 47
AAA for portal users by RADIUS server, 52
AAA local user, 16
AAA local user attributes, 17
AAA method for ISP domain, 38
AAA schemes, 16
AAA user group attributes, 19
ACL for IPsec, 303
ARP attack protection, 251
ARP attack protection active acknowledgement,
256
ARP attack protection against unresolvable IP
attack, 252, 253
ARP attack protection packet rate limit, 254
ARP attack protection source MAC address-based
detection, 254, 255
ARP attack protection source suppression, 252
ARP attack protection user validity and packet
validity checks, 261
ARP attack protection user validity check, 257, 259
ARP automatic scanning, 264, 265
ARP detection, 257
ARP packet validity check, 258
ARP restricted forwarding, 259, 262
authentication source subnet, 135
Auth-Fail VLAN (802.1X), 82
auto-mode MFF in ring network, 278
auto-mode MFF in tree network, 277
critical VLAN (802.1X), 83
cross-subnet across VPNs portal authentication,
163
cross-subnet portal authentication, 149
cross-subnet portal authentication with extended
functions, 155
device as SSH SCP client, 215
device as SSH SFTP client, 212
direct portal authentication, 142
direct portal
functions, 151
EAD fast deployment, 106, 108
FIPS, 295, 296, 297
fixed ARP (ARP attack protection), 264, 265
for HWTACACS server Telnet user (AAA), 47
free IP (EAD fast deployment), 106
guest VLAN (802.1X), 81
HWTACACS scheme, 32
IKE, 323
IKE DPD detector, 322
IKE keepalive timers, 321
IKE local security gateway name, 318
IKE NAT keepalive timer, 321
IKE peer, 319
IKE proposal, 318
IKE-based IPsec tunnel, 312
IP source guard, 236, 243
IPsec, 302
IPsec anti-replay, 310
IPsec policy using IKE, 307
334
authentication with extended