HPE FlexNetwork 7500 Series Security Configuration Manual page 6
Hide thumbs
Also See for FlexNetwork 7500 Series:
- Security configuration manual (597 pages) ,
- Command reference manual (474 pages) ,
- Network management and monitoring command reference (430 pages)
Table of Contents
Advertisement
Configuring portal Web server detection ································································································ 149
Configuring portal user synchronization ································································································· 150
Configuring the portal fail-permit feature ········································································································ 150
Configuring BAS-IP for portal packets sent to the portal authentication server ············································· 151
Applying a NAS-ID profile to an interface ······································································································ 152
Configuring the local portal Web server feature ····························································································· 152
Customizing authentication pages ········································································································· 153
Configuring a local portal Web server ···································································································· 155
Enabling portal roaming ································································································································· 155
Logging out online portal users ······················································································································ 156
Displaying and maintaining portal ·················································································································· 156
Portal configuration examples ························································································································ 157
Configuring direct portal authentication ·································································································· 157
Configuring re-DHCP portal authentication ···························································································· 162
Configuring cross-subnet portal authentication ······················································································ 165
Configuring extended direct portal authentication ·················································································· 168
Configuring extended re-DHCP portal authentication ············································································ 171
Configuring extended cross-subnet portal authentication ······································································ 175
Configuring portal server detection and portal user synchronization ····················································· 178
Configuring cross-subnet portal authentication for MPLS L3VPNs························································ 184
Configuring direct portal authentication using the local portal Web server ············································ 186
Troubleshooting portal ··································································································································· 189
No portal authentication page is pushed for users ················································································· 189
Cannot log out portal users on the access device ················································································· 189
Cannot log out portal users on the RADIUS server ··············································································· 190
Users logged out by the access device still exist on the portal authentication server···························· 190
Re-DHCP portal authenticated users cannot log in successfully ··························································· 190
Configuring port security ············································································· 192
Overview ························································································································································ 192
Port security features ····························································································································· 192
Port security modes ······························································································································· 192
Configuration task list ····································································································································· 195
Enabling port security ···································································································································· 195
Setting port security's limit on the number of secure MAC addresses on a port ············································ 196
Setting the port security mode ······················································································································· 196
Configuring port security features ·················································································································· 197
Configuring NTK ····································································································································· 197
Configuring intrusion protection ············································································································· 198
Configuring secure MAC addresses ·············································································································· 199
Configuration prerequisites ···················································································································· 199
Configuration procedure ························································································································· 200
Ignoring authorization information from the server ························································································ 200
Enabling MAC move ······································································································································ 201
Enabling the authorization-fail-offline feature ································································································· 201
Applying a NAS-ID profile to port security ······································································································ 201
Displaying and maintaining port security ······································································································· 202
Port security configuration examples ············································································································· 202
autoLearn configuration example ··········································································································· 202
userLoginWithOUI configuration example ······························································································ 204
macAddressElseUserLoginSecure configuration example ···································································· 207
Troubleshooting port security ························································································································· 211
Cannot set the port security mode ········································································································· 211
Cannot configure secure MAC addresses ····························································································· 211
Configuring password control ····································································· 212
Overview ························································································································································ 212
Password setting ···································································································································· 212
Password updating and expiration ········································································································· 213
User login control ··································································································································· 214
Password not displayed in any form ······································································································ 214
Logging ·················································································································································· 214
iv
Advertisement
Table of Contents
Troubleshooting
