Table of Contents
Advertisement
Configuration Task List for AAA Accounting........................................................................................................696
AAA Authentication.......................................................................................................................................................698
Configuration Task List for AAA Authentication.................................................................................................. 699
Obscuring Passwords and Keys................................................................................................................................... 702
AAA Authorization......................................................................................................................................................... 702
Privilege Levels Overview....................................................................................................................................... 702
Configuration Task List for Privilege Levels.......................................................................................................... 703
RADIUS............................................................................................................................................................................707
RADIUS Authentication........................................................................................................................................... 707
Configuration Task List for RADIUS.......................................................................................................................708
TACACS+.........................................................................................................................................................................712
Configuration Task List for TACACS+.................................................................................................................... 712
TACACS+ Remote Authentication......................................................................................................................... 713
Command Authorization..........................................................................................................................................715
Protection from TCP Tiny and Overlapping Fragment Attacks................................................................................715
Enabling SCP and SSH.................................................................................................................................................. 715
Using SCP with SSH to Copy a Software Image................................................................................................. 716
Removing the RSA Host Keys and Zeroizing Storage .........................................................................................717
Configuring When to Re-generate an SSH Key ...................................................................................................717
Configuring the SSH Server Key Exchange Algorithm........................................................................................ 718
Configuring the HMAC Algorithm for the SSH Server........................................................................................ 718
Configuring the HMAC Algorithm for the SSH Client......................................................................................... 719
Configuring the SSH Server Cipher List................................................................................................................719
Configuring the SSH Client Cipher List.................................................................................................................720
Secure Shell Authentication................................................................................................................................... 720
Troubleshooting SSH............................................................................................................................................... 723
Telnet............................................................................................................................................................................... 723
VTY Line and Access-Class Configuration..................................................................................................................723
VTY Line Local Authentication and Authorization................................................................................................724
VTY Line Remote Authentication and Authorization........................................................................................... 724
VTY MAC-SA Filter Support.................................................................................................................................. 725
Role-Based Access Control.......................................................................................................................................... 725
Overview of RBAC...................................................................................................................................................726
User Roles.................................................................................................................................................................728
AAA Authentication and Authorization for Roles..................................................................................................731
Role Accounting....................................................................................................................................................... 734
Display Information About User Roles................................................................................................................... 734
Two Factor Authentication (2FA)................................................................................................................................ 736
Handling Access-Challenge Message................................................................................................................... 736
Configuring Challenge Response Authentication for SSHv2............................................................................. 736
SMS-OTP Mechanism.............................................................................................................................................737
Configuring the System to Drop Certain ICMP Reply Messages............................................................................ 737
45 Service Provider Bridging........................................................................................................................ 739
VLAN Stacking............................................................................................................................................................... 739
Important Points to Remember..............................................................................................................................740
Contents
23
- Quick Links:
- Accessing the Command Line
- Cli Modes
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
