Sign In
Upload
Download
Table of Contents
Contents
Add to my manuals
Delete from my manuals
Share
URL of this page:
HTML Link:
Bookmark this page
Add
Manual will be automatically added to "My Manuals"
Print this page
×
Bookmark added
×
Added to my manuals
Manuals
Brands
HP Manuals
Switch
J9050A
Access security manual
HP J9050A Access Security Manual
Hide thumbs
1
2
3
4
Table Of Contents
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
page
of
374
Go
/
374
Contents
Table of Contents
Bookmarks
Table of Contents
Table of Contents
Product Documentation
About Your Switch Manual Set
Feature Index
Getting Started
Contents
Introduction
Conventions
Feature Descriptions by Model
Command Syntax Statements
Command Prompts
Screen Simulations
Port Identity Examples
Configuration and Operation Examples
Keys
Sources for more Information
Getting Documentation from the Web
Online Help
Need Only a Quick Start
IP Addressing
To Set up and Install the Switch in Your Network
Physical Installation
Overview of Access Security Features
General Switch Traffic Security Guideline
Configuring Username and Password Security
Contents
Overview
Configuring Local Password Security
Menu: Setting Passwords
CLI: Setting Passwords and Usernames
Web: Setting Passwords and Usernames
Front-Panel Security
When Security Is Important
Front-Panel Button Functions
Clear Button
Reset Button
Restoring the Factory Default Configuration
Configuring Front-Panel Security
Disabling the Clear Password Function of the Clear Button on the Switch's Front Panel
Re-Enabling the Clear Button on the Switch's Front Panel and Setting or Changing the "Reset-On-Clear" Operation
Changing the Operation of the Reset+Clear Combination
Password Recovery
Disabling or Re-Enabling the Password Recovery Process
Password Recovery Process
Web and MAC Authentication
Contents
Overview
Client Options
General Features
How Web and MAC Authentication Operate
Authenticator Operation
Web-Based Authentication
MAC-Based Authentication
Terminology
Operating Rules and Notes
General Setup Procedure for Web/Mac Authentication
Do These Steps before You Configure Web/Mac Authentication
Additional Information for Configuring the RADIUS Server to Support MAC Authentication
Configuring the Switch to Access a RADIUS Server
Configuring Web Authentication
Configuration Overview
Configuration Commands for Web-Based Authentication
Show Commands for Web-Based Authentication
Example: Verifying a Web Authentication Configuration
Configuring MAC Authentication
Configuration Overview
Configuration Commands for MAC-Based Authentication
Show Commands for MAC-Based Authentication
Example: Verifying a MAC Authentication Configuration
Client Status
TACACS+ Authentication
Contents
Overview
Terminology Used in TACACS Applications
General System Requirements
General Authentication Setup Procedure
Configuring TACACS+ on the Switch
Before You Begin
CLI Commands Described in this Section
Viewing the Switch's Current Authentication Configuration
Viewing the Switch's Current TACACS+ Server Contact Configuration
Configuring the Switch's Authentication Methods
Configuring the Switch's TACACS+ Server Access
How Authentication Operates
General Authentication Process Using a TACACS+ Server
Local Authentication Process
Using the Encryption Key
General Operation
Encryption Options in the Switch
Controlling Web Browser Interface Access When Using TACACS+ Authentication
Messages Related to TACACS+ Operation
Operating Notes
RADIUS Authentication and Accounting
Contents
Overview
Authentication Services
Accounting Services
RADIUS-Administered Cos and Rate-Limiting
Terminology
Switch Operating Rules for RADIUS
General RADIUS Setup Procedure
Configuring the Switch for RADIUS Authentication
Outline of the Steps for Configuring RADIUS Authentication
Configure Authentication for the Access Methods You Want RADIUS to Protect
Enable the (Optional) Access Privilege Option
Configure the Switch to Access a RADIUS Server
Configure the Switch's Global RADIUS Parameters
Local Authentication Process
Controlling Web Browser Interface Access
Configuring RADIUS Authorization
Overview
Commands Authorization Type
Enabling Authorization with the CLI
Showing Authorization Information
Configuring the RADIUS Server
Using Vendor Specific Attributes (Vsas)
Example Configuration on Cisco Secure ACS for MS Windows 5-25
Example Configuration Using Freeradius
Configuring RADIUS Accounting
Operating Rules for RADIUS Accounting
Steps for Configuring RADIUS Accounting
Configure the Switch to Access a RADIUS Server
Configure Accounting Types and the Controls for Sending Reports to the RADIUS Server
Optional) Configure Session Blocking and Interim Updating Options
Viewing RADIUS Statistics
General RADIUS Statistics
RADIUS Authentication Statistics
RADIUS Accounting Statistics
Changing RADIUS-Server Access Order
Messages Related to RADIUS Operation
Configuring Secure Shell (SSH)
Overview
Terminology
Prerequisite for Using SSH
Public Key Formats
Steps for Configuring and Using SSH for Switch and Client Authentication
General Operating Rules and Notes
Configuring the Switch for SSH Operation
Assigning a Local Login (Operator) and Enable (Manager) Password
Generating the Switch's Public and Private Key Pair
Providing the Switch's Public Key to Clients
Enabling SSH on the Switch and Anticipating SSH Client Contact Behavior
Configuring the Switch for SSH Authentication
Use an SSH Client to Access the Switch
Further Information on SSH Client Public-Key Authentication
Messages Related to SSH Operation
Configuring Secure Socket Layer (SSL)
Overview
Terminology
Prerequisite for Using SSL
Steps for Configuring and Using SSL for Switch and Client
Authentication
General Operating Rules and Notes
Configuring the Switch for SSL Operation
Assigning a Local Login (Operator) and Enable (Manager) Password
Generating the Switch's Server Host Certificate
To Generate or Erase the Switch's Server Certificate
With the CLI
Comments on Certificate Fields
Generate a Self-Signed Host Certificate with the Web Browser
Interface
Generate a CA-Signed Server Host Certificate with the Web Browser Interface
Enabling SSL on the Switch and Anticipating SSL Browser Contact Behavior
Using the CLI Interface to Enable SSL
Using the Web Browser Interface to Enable SSL
Common Errors in SSL Setup
Traffic/Security Filters
Overview
Introduction
Filter Limits
Using Port Trunks with Filters
Filter Types and Operation
Source-Port Filters
Operating Rules for Source-Port Filters
Example
Named Source-Port Filters
Operating Rules for Named Source-Port Filters
Defining and Configuring Named Source-Port Filters
Viewing a Named Source-Port Filter
Using Named Source-Port Filters
Static Multicast Filters
Protocol Filters
Configuring Traffic/Security Filters
Configuring a Source-Port Traffic Filter
Example of Creating a Source-Port Filter
Configuring a Filter on a Port Trunk
Editing a Source-Port Filter
Configuring a Multicast or Protocol Traffic Filter
Filter Indexing
Displaying Traffic/Security Filters
Configuring Port-Based and Client-Based Access Control (802.1X)
Contents
Overview
Why Use Port-Based or Client-Based Access Control
General Features
User Authentication Methods
802.1X Client-Based Access Control
802.1X Port-Based Access Control
Alternative to Using a RADIUS Server
Accounting
Terminology
General 802.1X Authenticator Operation
Example of the Authentication Process
VLAN Membership Priority
General Operating Rules and Notes
General Setup Procedure for 802.1X Access Control
Do These Steps before You Configure 802.1X Operation
Overview: Configuring 802.1X Authentication on the Switch
Configuring Switch Ports as 802.1X Authenticators
Enable 802.1X Authentication on Selected Ports
Enable the Selected Ports as Authenticators and Enable the (Default) Port-Based Authentication
Specify Client-Based or Return to Port-Based 802.1X Authentication
Example: Configuring Client-Based 802.1X Authentication
Example: Configuring Port-Based 802.1X Authentication
Reconfigure Settings for Port-Access
Configure the 802.1X Authentication Method
Enter the RADIUS Host IP Address(Es)
Enable 802.1X Authentication on the Switch
Optionally Resetting Authenticator Operation
Optional: Configure 802.1X Controlled Directions
Wake-On-LAN Traffic
Operating Notes
Example: Configuring 802.1X Controlled Directions
802.1X Open VLAN Mode
Introduction
VLAN Membership Priorities
Use Models for 802.1X Open VLAN Modes
Operating Rules for Authorized-Client and Unauthorized-Client Vlans
Setting up and Configuring 802.1X Open VLAN Mode
802.1X Open VLAN Operating Notes
Option for Authenticator Ports: Configure Port-Security to Allow Only 802.1X-Authenticated Devices
Port-Security
Configuring Switch Ports to Operate as Supplicants for 802.1X Connections to Other Switches
Example
Supplicant Port Configuration
Displaying 802.1X Configuration, Statistics, and Counters
Show Commands for Port-Access Authenticator
Viewing 802.1X Open VLAN Mode Status
Show Commands for Port-Access Supplicant
How RADIUS/802.1X Authentication Affects VLAN Operation
Operating Notes
Messages Related to 802.1X Operation
Configuring and Monitoring Port Security
Contents
Overview
Port Security
Basic Operation
Eavesdrop Protection
Blocking Unauthorized Traffic
Trunk Group Exclusion
Planning Port Security
Port Security Command Options and Operation
Port Security Display Options
Configuring Port Security
Retention of Static Addresses
MAC Lockdown
Differences between MAC Lockdown and Port Security
MAC Lockdown Operating Notes
Deploying MAC Lockdown
MAC Lockout
Port Security and MAC Lockout
Web: Displaying and Configuring Port Security Features
Reading Intrusion Alerts and Resetting Alert Flags
Notice of Security Violations
How the Intrusion Log Operates
Keeping the Intrusion Log Current by Resetting Alert Flags
Menu: Checking for Intrusions, Listing Intrusion Alerts, and Resetting Alert Flags
CLI: Checking for Intrusions, Listing Intrusion Alerts, and Resetting Alert Flags
Using the Event Log to Find Intrusion Alerts
Web: Checking for Intrusions, Listing Intrusion Alerts, and Resetting Alert Flags
Operating Notes for Port Security
Using Authorized IP Managers
Overview
Options
Access Levels
Defining Authorized Management Stations
Overview of IP Mask Operation
Menu: Viewing and Configuring IP Authorized Managers
CLI: Viewing and Configuring Authorized IP Managers
Listing the Switch's Current Authorized IP Manager(S)
Configuring IP Authorized Managers for the Switch
Web: Configuring IP Authorized Managers
Building IP Masks
Configuring One Station Per Authorized Manager IP Entry
Configuring Multiple Stations Per Authorized Manager IP Entry
Additional Examples for Authorizing Multiple Stations
Operating Notes
Key Management System
Overview
Terminology
Configuring Key Chain Management
Creating and Deleting Key Chain Entries
Assigning a Time-Independent Key to a Chain
Assigning Time-Dependent Keys to a Chain
Index
Advertisement
Quick Links
Download this manual
Access Security Guide
2900yl
ProCurve Switches
T.12.XX
www.procurve.com
Table of
Contents
Previous
Page
Next
Page
1
2
3
4
5
Advertisement
Table of Contents
Need help?
Do you have a question about the J9050A and is the answer not in the manual?
Ask a question
Questions and answers
Subscribe to Our Youtube Channel
Related Manuals for HP J9050A
Switch HP 2610 User Manual
Version r.11.25 software procurve 2610 series (68 pages)
Switch HP J4900B Installation And Getting Started Manual
Procurve series 2600 switches (116 pages)
Switch HP ProCurve 2610 Installation And Getting Started Manual
(112 pages)
Switch HP PROCURVE 2610 Advanced Traffic Management Manual
(364 pages)
Switch HP HP 2610 Series Specification
Hp 2610 switch series (43 pages)
Switch HP J9079A Management And Configuration Manual
Hp switch user manual (57 pages)
Switch HP ProCurve 4204vl Quick Reference Manual
Hp procurve 4204vl: reference guide (44 pages)
Switch HP J9049A Access Security Manual
(374 pages)
Switch HP ProCurve 4204vl Datasheet
Procurve switch 4200vl series (10 pages)
Switch HP ProCurve 4202vl-48G Installation And Getting Started Manual
Procurve 4200vl series (100 pages)
Switch HP HP ProCurve Switch vl 12 J8763A J8763A Read Me First
Switch modules (4 pages)
Switch HP ProCurve J8766A Installation Manual
Hp procurve switch vl modules (48 pages)
Switch HP ProCurve 2810 Installation And Getting Started Manual
(94 pages)
Switch HP 1410 series Specification
Hp 1410 switch series (33 pages)
Switch HP 1405-5 Quick Start Manual
(16 pages)
Switch HP 2920 Series Multicast And Routing Manual
For wb.15.16 (83 pages)
Table of Contents
Print
Rename the bookmark
Delete bookmark?
Delete from my manuals?
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL
Need help?
Do you have a question about the J9050A and is the answer not in the manual?
Questions and answers