HP 10500 Series Configuration Manual page 354
Security configuration guide
Hide thumbs
Also See for 10500 Series:
- Security configuration manual (596 pages) ,
- Configuration manual (512 pages) ,
- Specifications (42 pages)
Table of Contents
Advertisement
verifying
macAddressElseUserLoginSecure configuration,
183
verifying
port
configuration, 180
verifying RADIUS-based MAC authentication
configuration, 121
verifying switch configuration, 162
NS (ICMPv6 neighbor solicitation message), 266
NTK (port security), 172
offline detect timer (MAC authentication), 1 12
online
802.1X user handshake function, 89
user (portal authentication), 135
operation (SSH), 200
packet
802.1X EAP format, 73
802.1X EAPOL format, 74
802.1X format, 73
ARP attack protection user validity and packet
validity checking configuration, 261
configuring ARP packet validity check, 258
configuring ARP restricted forwarding, 259, 262
configuring rate limit (ARP attack protection), 254
enabling ND attack defense source MAC
consistency check, 267
format (RADIUS), 3
IP source guard configuration, 236, 243
IPv4 source guard configuration, 238
IPv4 source guard DHCP relay configuration, 246
IPv4 source guard DHCP snooping configuration,
245
IPv4 source guard entry configuration, 243
IPv6 ND attack defense configuration, 266
IPv6 source guard configuration, 240
IPv6 source guard static entry configuration, 247
setting HWTACACS shared keys, 35
setting RADIUS shared keys, 23
specifying outgoing packet source IP address, 138
specifying source IP address for outgoing RADIUS
packets, 27
troubleshooting cannot reach RADIUS server, 69
validity check (ARP detection), 257
packet information pre-extraction
configuring for IPsec, 31 1
parameter
configuring RADIUS class attribute as CAR
parameter, 30
password control global parameters, 288
password control local user parameters, 290
password control user group parameters, 289
port
security
userLoginWithOUI
security
specifying HWTACACS accounting server, 34
specifying RADIUS accounting and parameters,
22
super password control parameters, 291
password
SSH authentication, 201
SSH password-publickey authentication, 201
switch as SFTP publickey authentication client
configuration, 231
switch as Stelnet password authentication client
configuration, 224
switch as Stelnet password authentication server
configuration, 217
password control
configuration, 284, 286, 292
displaying, 291
enable, 287
FIPS compliance, 286
maintaining, 291
setting global parameters, 288
setting local user parameters, 290
setting super parameters, 291
setting user group parameters, 289
payload
disabling IKE next payload check, 322
IKE next payload check, 322
peer public key, 194
periodic gateway probe (MFF), 276
policy
applying QoS policy, 189
configuring RADIUS security policy server IP
address, 29
extended portal authentication functions, 124
MAC authentication user account policies, 1 1 1
security policy server (portal authentication), 125
policy (password control configuration), 284, 286,
292
port
802.1X authorization status, 72
802.1X configuration, 98
802.1X controlled/uncontrolled, 72
802.1x port-based access control method, 80
configuring IPv4 source guard static entry, 239
configuring IPv6 source guard static entry, 241
configuring MFF network port, 275
enabling 802.1X, 86
enabling IPv4 source guard on port, 238
enabling IPv6 source guard on port, 240
MAC authentication configuration, 1 1 1, 1 13, 1 18
MAC authentication configuration globally, 1 14
MAC authentication configuration on port, 1 14
344
Advertisement
Table of Contents
Troubleshooting
