Configuring Authentication And Authorization - HPE FlexFabric 5940 Series Configuration Manual

Fundamentals configuration guide

Hide thumbs Also See for FlexFabric 5940 Series:

Security configuration manual (571 pages)

Configuration manual (334 pages)

Fundamentals command reference (289 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

Table of Contents

Step

(Optional.) Use an ACL to

control access to the FTP

server.

(Optional.) Associate an SSL

server policy with the FTP

server to ensure data

security.

(Optional.) Set the FTP

connection idle-timeout

timer.

(Optional.) Set the DSCP

value for outgoing FTP

packets.

(Optional.) Set the maximum

number of concurrent FTP

users.

Configuring authentication and authorization

Perform this task on the FTP server to authenticate FTP clients and set the authorized directories

that authenticated clients can access.

The following authentication modes are available:

•

Local authentication—The device looks up the client's username and password in the local

user account database. If a match is found, authentication succeeds.

•

Remote authentication—The device sends the client's username and password to a remote

authentication server for authentication. The user account is configured on the remote

authentication server rather than the device.

The following authorization modes are available:

•

Local authorization—The device assigns authorized directories to FTP clients based on the

locally configured authorization attributes.

•

Remote authorization—A remote authorization server assigns authorized directories on the

device to FTP clients.

For information about configuring authentication and authorization, see Security Configuration

Guide.

Command

ftp server acl

{ ipv4-acl-number | ipv6

ipv6-acl-number }

ftp server

ssl-server-policy

policy-name

ftp timeout minutes

•

For an IPv4 FTP

server:

ftp server dscp

dscp-value

•

For an IPv6 FTP

server:

ftp server ipv6 dscp

dscp-value

aaa session-limit ftp

max-sessions

Remarks

By default, no ACL is used for access

control.

By default, no SSL server policy is

associated with the FTP server.

By default, the FTP connection

idle-timeout timer is 30 minutes.

If no data transfer occurs on an FTP

connection within the idle-timeout

interval, the FTP server closes the FTP

connection to release resources.

By default, the DSCP value is 0.

By default, the maximum number of

concurrent FTP users is 32.

Changing this setting does not affect

users who are currently online. If the

new limit is less than the number of

online FTP users, no additional FTP

users can log in until the number drops

below the new limit.

For more information about this

command, see Security Command

Reference.

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Troubleshooting

This manual is also suitable for:

Flexfabric 5950 series

Configuring Authentication And Authorization - HPE FlexFabric 5940 Series Configuration Manual

Configuring authentication and authorization

Hide quick links:

Troubleshooting

Related Manuals for HPE FlexFabric 5940 Series

Related Content for HPE FlexFabric 5940 Series

This manual is also suitable for:

Table of Contents