Sign In
Upload
Manuals
Brands
HP Manuals
Switch
5120 SI Series
HP 5120 SI Series Manuals
Manuals and User Guides for HP 5120 SI Series. We have
4
HP 5120 SI Series manuals available for free PDF download: Command Reference Manual, Security Configuration Manual, Installation Manual, Specification
HP 5120 SI Series Command Reference Manual (395 pages)
Brand:
HP
| Category:
Switch
| Size: 1.92 MB
Table of Contents
1
Command Reference
3
Table of Contents
12
AAA Configuration Commands
12
General AAA Configuration Commands
12
Aaa Nas-ID Profile
12
Access-Limit Enable
13
Accounting Command
14
Accounting Default
15
Accounting Lan-Access
15
Accounting Login
16
Accounting Optional
17
Accounting Portal
18
Authentication Default
19
Authentication Lan-Access
19
Authentication Login
20
Authentication Portal
21
Authentication Super
22
Authorization Command
23
Authorization Default
24
Authorization Lan-Access
25
Authorization Login
26
Authorization Portal
26
Authorization-Attribute User-Profile
27
Cut Connection
28
Display Connection
31
Display Domain
32
Domain
33
Domain Default Enable
34
Idle-Cut Enable
35
Nas-ID Bind Vlan
35
Self-Service-Url Enable
36
State
37
Local User Configuration Commands
37
Access-Limit
38
Authorization-Attribute (Local User View/User Group View)
39
Bind-Attribute
40
Display Local-User
42
Display User-Group
43
Expiration-Date (Local User View)
44
Group
44
Local-User
45
Password
46
Service-Type
47
State(Local User View)
48
User-Group
49
RADIUS Configuration Commands
49
Accounting-On Enable
50
Attribute 25 Car
50
Data-Flow-Format (RADIUS Scheme View)
51
Display Radius Scheme
54
Display Radius Statistics
57
Display Stop-Accounting-Buffer
58
Key (RADIUS Scheme View)
59
Nas-Ip (RADIUS Scheme View)
60
Primary Accounting (RADIUS Scheme View)
61
Primary Authentication (RADIUS Scheme View)
63
Radius Client
64
Radius Nas-Ip
65
Radius Scheme
66
Radius Trap
67
Reset Radius Statistics
67
Reset Stop-Accounting-Buffer
68
Retry
69
Retry Realtime-Accounting
70
Retry Stop-Accounting (RADIUS Scheme View)
70
Secondary Accounting (RADIUS Scheme View)
72
Secondary Authentication (RADIUS Scheme View)
74
Security-Policy-Server
75
Server-Type
76
State Primary
76
State Secondary
77
Stop-Accounting-Buffer Enable (RADIUS Scheme View)
78
Timer Quiet (RADIUS Scheme View)
79
Timer Realtime-Accounting (RADIUS Scheme View)
80
Timer Response-Timeout (RADIUS Scheme View)
80
User-Name-Format (RADIUS Scheme View)
81
HWTACACS Configuration Commands
81
Data-Flow-Format (HWTACACS Scheme View)
82
Display Hwtacacs
85
Display Stop-Accounting-Buffer
85
Hwtacacs Nas-Ip
86
Hwtacacs Scheme
87
Key (HWTACACS Scheme View)
88
Nas-Ip (HWTACACS Scheme View)
89
Primary Accounting (HWTACACS Scheme View)
90
Primary Authentication (HWTACACS Scheme View)
91
Primary Authorization
92
Reset Hwtacacs Statistics
93
Reset Stop-Accounting-Buffer
93
Retry Stop-Accounting (HWTACACS Scheme View)
94
Secondary Accounting (HWTACACS Scheme View)
95
Secondary Authentication (HWTACACS Scheme View)
96
Secondary Authorization
98
Stop-Accounting-Buffer Enable (HWTACACS Scheme View)
98
Timer Quiet (HWTACACS Scheme View)
99
Timer Realtime-Accounting (HWTACACS Scheme View)
100
Timer Response-Timeout (HWTACACS Scheme View)
100
User-Name-Format (HWTACACS Scheme View)
102
802.1X Configuration Commands
102
Display Dot1X
105
Dot1X
106
Dot1X Authentication-Method
107
Dot1X Auth-Fail Vlan
108
Dot1X Critical Vlan
109
Dot1X Critical Recovery-Action
110
Dot1X Domain-Delimiter
111
Dot1X Guest-Vlan
112
Dot1X Handshake
113
Dot1X Handshake Secure
113
Dot1X Mandatory-Domain
114
Dot1X Max-User
116
Dot1X Multicast-Trigger
116
Dot1X Port-Control
117
Dot1X Port-Method
118
Dot1X Quiet-Period
119
Dot1X Re-Authenticate
120
Dot1X Retry
121
Dot1X Timer
122
Dot1X Unicast-Trigger
123
Reset Dot1X Statistics
124
EAD Fast Deployment Configuration Commands
124
Dot1X Free-Ip
124
Dot1X Timer Ead-Timeout
125
Dot1X Url
127
MAC Authentication Configuration Commands
127
Display Mac-Authentication
129
Mac-Authentication
130
Mac-Authentication Critical Vlan
131
Mac-Authentication Domain
132
Mac-Authentication Guest-Vlan
133
Mac-Authentication Max-User
133
Mac-Authentication Timer
134
Mac-Authentication User-Name-Format
135
Reset Mac-Authentication Statistics
137
Portal Configuration Commands
137
Display Portal Acl
140
Display Portal Connection Statistics
143
Display Portal Free-Rule
145
Display Portal Interface
146
Display Portal Local-Server
147
Display Portal Server
148
Display Portal Server Statistics
150
Display Portal Tcp-Cheat Statistics
152
Display Portal User
153
Portal Auth-Fail Vlan
154
Portal Auth-Network
155
Portal Delete-User
155
Portal Domain
156
Portal Free-Rule
157
Portal Local-Server
158
Portal Local-Server Enable
159
Portal Local-Server Ip
160
Portal Max-User
160
Portal Move-Mode Auto
161
Portal Nas-ID-Profile
162
Portal Nas-Ip
162
Portal Nas-Port-Type
163
Portal Offline-Detect Interval
164
Portal Redirect-Url
165
Portal Server
166
Portal Server Banner
166
Portal Server Method
167
Portal Server Server-Detect
169
Portal Server User-Sync
170
Portal Web-Proxy Port
171
Reset Portal Connection Statistics
172
Reset Portal Server Statistics
172
Reset Portal Tcp-Cheat Statistics
173
Port Security Configuration Commands
173
Display Port-Security
175
Display Port-Security Mac-Address Block
177
Display Port-Security Mac-Address Security
179
Port-Security Authorization Ignore
180
Port-Security Enable
180
Port-Security Intrusion-Mode
181
Port-Security Mac-Address Security
182
Port-Security Max-Mac-Count
183
Port-Security Ntk-Mode
184
Port-Security Oui
184
Port-Security Port-Mode
187
Port-Security Timer Disableport
187
Port-Security Trap
189
User Profile Configuration Commands
189
Display User-Profile
190
User-Profile Enable
190
User-Profile
192
Password Control Configuration Commands
192
Display Password-Control
193
Display Password-Control Blacklist
194
Password
195
Password-Control Aging
196
Password-Control Alert-Before-Expire
197
Password-Control Authentication-Timeout
197
Password-Control Complexity
198
Password-Control Composition
199
Password-Control { Aging | Composition | History | Length } Enable
200
Password-Control Enable
201
Password-Control Expired-User-Login
201
Password-Control History
202
Password-Control Length
203
Password-Control Login Idle-Time
203
Password-Control Login-Attempt
205
Password-Control Password Update Interval
205
Password-Control Super Aging
206
Password-Control Super Composition
207
Password-Control Super Length
207
Reset Password-Control Blacklist
208
Reset Password-Control History-Record
209
HABP Configuration Commands
209
Display Habp
210
Display Habp Table
210
Display Habp Traffic
211
Habp Client Vlan
212
Habp Enable
212
Habp Server Vlan
213
Habp Timer
214
Public Key Configuration Commands
214
Display Public-Key Local Public
216
Display Public-Key Peer
217
Peer-Public-Key End
217
Public-Key-Code Begin
218
Public-Key-Code End
219
Public-Key Local Create
220
Public-Key Local Destroy
220
Public-Key Local Export Dsa
222
Public-Key Local Export Rsa
223
Public-Key Peer
223
Public-Key Peer Import Sshkey
225
PKI Configuration Commands
225
Attribute
226
Ca Identifier
226
Certificate Request Entity
227
Certificate Request From
228
Certificate Request Mode
228
Certificate Request Polling
229
Certificate Request Url
230
Common-Name
230
Country
231
Crl Check
231
Crl Update-Period
232
Crl Url
233
Display Pki Certificate
234
Display Pki Certificate Access-Control-Policy
235
Display Pki Certificate Attribute-Group
236
Display Pki Crl Domain
238
Fqdn
238
Ip (PKI Entity View)
239
Ldap-Server
240
Locality
240
Organization
241
Organization-Unit
241
Pki Certificate Access-Control-Policy
242
Pki Certificate Attribute-Group
242
Pki Delete-Certificate
243
Pki Domain
243
Pki Entity
244
Pki Import-Certificate
245
Pki Request-Certificate Domain
246
Pki Retrieval-Certificate
246
Pki Retrieval-Crl Domain
247
Pki Validate-Certificate
247
Root-Certificate Fingerprint
248
Rule (PKI CERT ACP View)
249
State
250
SSH2.0 Configuration Commands
250
SSH2.0 Server Configuration Commands
250
Display Ssh Server
251
Display Ssh User-Information
252
Ssh Server Authentication-Retries
253
Ssh Server Authentication-Timeout
254
Ssh Server Compatible-Ssh1X
254
Ssh Server Enable
255
Ssh Server Rekey-Interval
256
Ssh User
257
SSH2.0 Client Configuration Commands
257
Display Ssh Client Source
258
Display Ssh Server-Info
259
Ssh Client Authentication Server
259
Ssh Client First-Time
260
Ssh Client Ipv6 Source
261
Ssh Client Source
261
Ssh2
263
Ssh2 Ipv6
265
SFTP Configuration Commands
265
SFTP Server Configuration Commands
265
Sftp Server Enable
265
Sftp Server Idle-Timeout
266
SFTP Client Configuration Commands
266
Bye
267
Cdup
267
Delete
268
Dir
269
Display Sftp Client Source
269
Exit
270
Get
270
Help
272
Mkdir
272
Put
273
Pwd
273
Quit
274
Remove
274
Rename
275
Rmdir
275
Sftp
276
Sftp Client Ipv6 Source
277
Sftp Client Source
278
Sftp Ipv6
280
SCP Configuration Commands
280
SCP Client Configuration Commands
280
Scp
282
SSL Configuration Commands
282
Ciphersuite
283
Client-Verify Enable
283
Close-Mode Wait
284
Display Ssl Client-Policy
285
Display Ssl Server-Policy
286
Handshake Timeout
287
Pki-Domain
288
Prefer-Cipher
288
Server-Verify Enable
289
Session
290
Ssl Client-Policy
290
Ssl Server-Policy
291
Version
293
TCP Attack Protection Configuration Commands
293
Display Tcp Status
294
Tcp Anti-Naptha Enable
294
Tcp State
295
Tcp Syn-Cookie Enable
296
Tcp Timer Check-State
297
IP Source Guard Configuration Commands
297
Display Ip Check Source
298
Display User-Bind
300
Ip Check Source
300
Ip Check Source Ipv6
301
Ip Check Source Max-Entries
302
User-Bind
303
User-Bind Ipv6
304
ARP Attack Protection Configuration Commands
304
ARP Packet Rate Limit Configuration Commands
304
Arp Rate-Limit
304
Source MAC Address Based ARP Attack Detection Configuration Commands
304
Arp Anti-Attack Source-Mac
305
Arp Anti-Attack Source-Mac Aging-Time
306
Arp Anti-Attack Source-Mac Exclude-Mac
306
Arp Anti-Attack Source-Mac Threshold
307
Display Arp Anti-Attack Source-Mac
308
ARP Packet Source MAC Address Consistency Check Configuration Commands
308
Arp Anti-Attack Valid-Check Enable
308
ARP Active Acknowledgement Configuration Commands
308
Arp Anti-Attack Active-Ack Enable
309
ARP Detection Configuration Commands
309
Arp Detection Enable
310
Arp Detection Trust
310
Arp Detection Validate
311
Arp Restricted-Forwarding Enable
311
Display Arp Detection
312
Display Arp Detection Statistics
313
Reset Arp Detection Statistics
314
ARP Gateway Protection Configuration Commands
314
Arp Filter Source
314
ARP Filtering Configuration Commands
314
Arp Filter Binding
316
ND Attack Defense Configuration Commands
316
Source MAC Consistency Check Commands
316
Ipv6 Nd Mac-Check Enable
316
ND Detection Configuration Commands
316
Display Ipv6 Nd Detection
317
Display Ipv6 Nd Detection Statistics
318
Ipv6 Nd Detection Enable
319
Ipv6 Nd Detection Trust
319
Reset Ipv6 Nd Detection Statistics
321
SAVI Configuration Commands
321
Ipv6 Savi Dad-Delay
321
Ipv6 Savi Dad-Preparedelay
322
Ipv6 Savi Down-Delay
322
Ipv6 Savi Strict
324
System-Guard Configuration Commands
324
Display System-Guard
325
System-Guard Aging Time
325
System-Guard Control
326
System-Guard Detect-Threshold
326
System-Guard Enable
327
System-Guard Rate-Limit
328
FIPS Configuration Commands
328
Fips Mode Enable
328
Display Fips Status
329
Fips Self-Test
Advertisement
HP 5120 SI Series Security Configuration Manual (385 pages)
Brand:
HP
| Category:
Network Router
| Size: 3.63 MB
Table of Contents
1
Configuration Guide
3
Table of Contents
13
AAA Configuration
13
AAA Overview
14
Radius
20
Hwtacacs
22
Domain-Based User Management
23
Protocols and Standards
23
RADIUS Attributes
26
FIPS Compliance
26
AAA Configuration Considerations and Task List
28
Configuring AAA Schemes
28
Configuring Local Users
32
Configuring RADIUS Schemes
43
Configuring HWTACACS Schemes
48
Configuring AAA Methods for ISP Domains
49
Configuration Prerequisites
49
Creating an ISP Domain
49
Configuring ISP Domain Attributes
50
Configuring AAA Authentication Methods for an ISP Domain
52
Configuring AAA Authorization Methods for an ISP Domain
54
Configuring AAA Accounting Methods for an ISP Domain
55
Tearing Down User Connections Forcibly
55
Configuring a NAS ID-VLAN Binding
56
Displaying and Maintaining AAA
56
AAA Configuration Examples
56
AAA for Telnet Users By an HWTACACS Server
58
AAA for Telnet Users By Separate Servers
59
Authentication/Authorization for Ssh/Telnet Users By a RADIUS Server
63
Level Switching Authentication for Telnet Users By an HWTACACS Server
67
Troubleshooting AAA
67
Troubleshooting RADIUS
68
Troubleshooting HWTACACS
69
802.1X Fundamentals
69
Architecture of 802.1X
69
Controlled/Uncontrolled Port and Pot Authorization Status
70
802.1X-Related Protocols
70
Packet Format
72
EAP Over RADIUS
72
Initiating 802.1X Authentication
72
802.1X Client As the Initiator
72
Access Device As the Initiator
73
802.1X Authentication Procedures
73
A Comparison of EAP Relay and EAP Termination
74
EAP Relay
75
EAP Termination
77
802.1X Configuration
77
HP Implementation of 802.1X
77
Access Control Methods
77
Using 802.1X Authentication with Other Features
82
Configuring 802.1X
82
Configuration Prerequisites
82
802.1X Configuration Task List
83
Enabling 802.1X
84
Specifying EAP Relay or EAP Termination
84
Setting the Port Authorization State
85
Specifying an Access Control Method
85
Setting the Maximum Number of Concurrent 802.1X Users On a Port
86
Setting the Maximum Number of Authentication Request Attempts
86
Setting the 802.1X Authentication Timeout Timers
87
Configuring the Online User Handshake Function
88
Configuring the Authentication Trigger Function
88
Specifying a Mandatory Authentication Domain On a Port
89
Enabling the Quiet Timer
89
Enabling the Periodic Online User Re-Authentication Function
90
Configuring an 802.1X Guest VLAN
91
Configuring an Auth-Fail VLAN
92
Configuring an 802.1X Critical VLAN
93
Specifying Supported Domain Name Delimiters
93
Displaying and Maintaining 802.1X
94
802.1X Configuration Examples
94
802.1X Authentication Configuration Example
96
With Guest VLAN and VLAN Assignment Configuration Example
99
802.1X with ACL Assignment Configuration Example
101
EAD Fast Deployment Configuration
101
EAD Fast Deployment Overview
101
EAD Fast Deployment Implementation
101
Configuring EAD Fast Deployment
101
Configuration Prerequisites
102
Configuration Procedure
103
Displaying and Maintaining EAD Fast Deployment
103
EAD Fast Deployment Configuration Example
105
Troubleshooting EAD Fast Deployment
105
Web Browser Users Cannot Be Correctly Redirected
107
MAC Authentication Configuration
107
MAC Authentication Overview
107
User Account Policies
107
Authentication Approaches
108
MAC Authentication Timers
108
Using MAC Authentication with Other Features
108
VLAN Assignment
109
ACL Assignment
109
Guest VLAN
109
Critical VLAN
109
MAC Authentication Configuration Task List
110
Basic Configuration for MAC Authentication
110
Configuration Prerequisites
110
Configuration Procedure
111
Specifying an Authentication Domain for MAC Authentication Users
112
Configuring a MAC Authentication Guest VLAN
112
Configuration Prerequisites
112
Configuration Procedure
113
Configuring a MAC Authentication Critical VLAN
113
Configuration Prerequisites
113
Configuration Procedure
113
Displaying and Maintaining MAC Authentication
114
MAC Authentication Configuration Examples
114
Local MAC Authentication Configuration Example
115
Radius-Based MAC Authentication Configuration Example
117
ACL Assignment Configuration Example
120
Portal Configuration
120
Overview
120
Extended Portal Functions
120
Portal System Components
122
Portal System Using the Local Portal Server
123
Portal Authentication Modes
123
Portal Support for EAP
124
Layer 2 Portal Authentication Process
125
Layer 3 Portal Authentication Process
128
Portal Configuration Task List
129
Configuration Prerequisites
130
Specifying the Portal Server
130
Specifying the Local Portal Server for Layer 2 Portal Authentication
130
Specifying a Portal Server for Layer 3 Portal Authentication
131
Configuring the Local Portal Server
131
Customizing Authentication Pages
134
Configuring the Local Portal Server
135
Enabling Portal Authentication
135
Enabling Layer 2 Portal Authentication
135
Enabling Layer 3 Portal Authentication
136
Controlling Access of Portal Users
136
Configuring a Portal-Free Rule
137
Configuring an Authentication Source Subnet
138
Setting the Maximum Number of Online Portal Users
138
Specifying an Authentication Domain for Portal Users
139
Configuring Layer 2 Portal Authentication to Support Web Proxy
139
Enabling Support for Portal User Moving
140
Specifying an Auth-Fail VLAN for Portal Authentication
140
Configuring RADIUS Related Attributes
141
Specifying Nas-Port-Type for an Interface
141
Specifying a NAS ID Profile for an Interface
142
Specifying a Source IP Address for Outgoing Portal Packets
142
Specifying an Auto Redirection URL for Authenticated Portal Users
143
Configuring Portal Detection Functions
143
Configuring Online Layer 2 Portal User Detection
143
Configuring the Portal Server Detection Function
145
Configuring Portal User Information Synchronization
146
Logging Off Portal Users
146
Displaying and Maintaining Portal
147
Portal Configuration Examples
147
Configuring Direct Portal Authentication
154
Configuring Cross-Subnet Portal Authentication
156
Configuring Direct Portal Authentication with Extended Functions
158
Configuring Cross-Subnet Portal Authentication with Extended Functions
160
Configuring Portal Server Detection and Portal User Information Synchronization
168
Configuring Layer 2 Portal Authentication
171
Troubleshooting Portal
171
Inconsistent Keys On the Access Device and the Portal Server
172
Incorrect Server Port Number On the Access Device
173
Triple Authentication Configuration
173
Introduction to Triple Authentication
173
Overview
173
Triple Authentication Mechanism
174
Extended Functions
175
Triple Authentication Configuration Task List
175
Triple Authentication Configuration Examples
175
Triple Authentication Basic Function Configuration Example
178
Triple Authentication Supporting VLAN Assignment and Auth-Fail VLAN Configuration Example
183
Port Security Configuration
183
Port Security Overview
184
Port Security Features
184
Port Security Modes
186
Support for Guest VLAN and Auth-Fail VLAN
187
Port Security Configuration Task List
187
Enabling Port Security
187
Configuration Prerequisites
187
Configuration Procedure
188
Setting the Maximum Number of Secure MAC Addresses
188
Setting the Port Security Mode
188
Configuration Prerequisites
189
Configuration Procedure
190
Configuring Port Security Features
190
Configuring NTK
190
Configuring Intrusion Protection
191
Configuring Port Security Traps
191
Configuring Secure MAC Addresses
192
Configuration Prerequisites
192
Configuration Procedure
192
Ignoring Authorization Information From the Server
193
Displaying and Maintaining Port Security
193
Port Security Configuration Examples
193
Configuring the Autolearn Mode
195
Configuring the Userloginwithoui Mode
197
Verify the Configuration
199
Configuring the Macaddresselseuserloginsecure Mode
200
Configuration Information
202
Troubleshooting Port Security
202
Cannot Set the Port Security Mode
202
Cannot Configure Secure MAC Addresses
203
Cannot Change Port Security Mode When a User Is Online
204
User Profile Configuration
204
User Profile Overview
204
User Profile Configuration Task List
205
Creating a User Profile
205
Configuration Prerequisites
205
Configuring a User Profile
206
Enabling a User Profile
206
Displaying and Maintaining User Profile
207
Password Control Configuration
207
Password Control Overview
209
FIPS Compliance
210
Password Control Configuration Task List
210
Configuring Password Control
210
Enabling Password Control
211
Setting Global Password Control Parameters
212
Setting User Group Password Control Parameters
213
Setting Local User Password Control Parameters
213
Setting Super Password Control Parameters
214
Setting a Local User Password in Interactive Mode
214
Displaying and Maintaining Password Control
215
Password Control Configuration Example
218
HABP Configuration
218
Introduction to HABP
219
Configuring HABP
219
Configuring the HABP Server
219
Configuring an HABP Client
220
Displaying and Maintaining HABP
220
HABP Configuration Example
220
Network Requirements
221
Configuration Procedure
223
Public Key Configuration
223
Asymmetric Key Algorithm Overview
223
Basic Concepts
223
Key Algorithm Types
224
Asymmetric Key Algorithm Applications
224
FIPS Compliance
224
Configuring the Local Asymmetric Key Pair
224
Creating an Asymmetric Key Pair
225
Displaying or Exporting the Local RSA or DSA Host Public Key
225
Destroying an Asymmetric Key Pair
226
Configuring a Remote Host's Public Key
227
Displaying and Maintaining Public Keys
227
Public Key Configuration Examples
227
Configuring a Remote Host's Public Key Manually
229
Importing a Remote Host's Public Key From a Public Key File
232
PKI Configuration
232
Introduction to PKI
232
PKI Overview
232
PKI Terms
233
Architecture of PKI
234
Applications of PKI
234
Operation of PKI
235
PKI Configuration Task List
235
Configuring an Entity DN
236
Configuring a PKI Domain
238
Submitting a PKI Certificate Request
238
Submitting a Certificate Request in Auto Mode
239
Submitting a Certificate Request in Manual Mode
240
Retrieving a Certificate Manually
240
Configuring PKI Certificate Verification
242
Destroying a Local RSA Key Pair
242
Deleting a Certificate
242
Configuring an Access Control Policy
243
Displaying and Maintaining PKI
243
PKI Configuration Examples
243
Requesting a Certificate From a CA Running RSA Keon
247
Requesting a Certificate From a CA Running Windows 2003 Server
250
Configuring a Certificate Attribute-Based Access Control Policy
251
Troubleshooting PKI
251
Failed to Retrieve a CA Certificate
252
Failed to Request a Local Certificate
253
Failed to Retrieve Crls
254
SSH2.0 Configuration
254
SSH2.0 Overview
254
Introduction to SSH2.0
254
SSH Operation
257
FIPS Compliance
257
Configuring the Device As an SSH Server
257
SSH Server Configuration Task List
257
Generating a DSA or RSA Key Pair
258
Enabling the SSH Server Function
258
Configuring the User Interfaces for SSH Clients
259
Configuring a Client Public Key
260
Configuring an SSH User
261
Setting the SSH Management Parameters
262
Configuring the Device As an SSH Client
262
SSH Client Configuration Task List
262
Specifying a Source IP Address/Interface for the SSH Client
262
Configuring Whether First-Time Authentication Is Supported
263
Establishing a Connection Between the SSH Client and Server
264
Displaying and Maintaining SSH
265
SSH Server Configuration Examples
265
When Switch Acts As Server for Password Authentication
267
When Switch Acts As Server for Publickey Authentication
272
SSH Client Configuration Examples
272
When Switch Acts As Client for Password Authentication
275
When Switch Acts As Client for Publickey Authentication
278
SFTP Configuration
278
SFTP Overview
278
Configuring the Device As an SFTP Server
278
Configuration Prerequisites
278
Enabling the SFTP Server
279
Configuring the SFTP Connection Idle Timeout Period
279
Configuring the Device an SFTP Client
279
Specifying a Source IP Address or Interface for the SFTP Client
279
Establishing a Connection to the SFTP Server
280
Working with SFTP Directories
281
Working with SFTP Files
281
Displaying Help Information
281
Terminating the Connection to the Remote SFTP Server
282
SFTP Client Configuration Example
285
SFTP Server Configuration Example
288
SCP Configuration
288
SCP Overview
288
Configuring the Switch As an SCP Server
289
Configuring the Switch As the SCP Client
289
SCP Client Configuration Example
290
SCP Server Configuration Example
292
SSL Configuration
292
SSL Overview
292
SSL Security Mechanism
293
SSL Protocol Stack
294
FIPS Compliance
294
SSL Configuration Task List
294
Configuring an SSL Server Policy
294
Configuration Prerequisites
294
Configuration Procedure
295
SSL Server Policy Configuration Example
297
Configuring an SSL Client Policy
297
Configuration Prerequisites
297
Configuration Procedure
298
Displaying and Maintaining SSL
298
Troubleshooting SSL
298
SSL Handshake Failure
300
TCP Attack Protection Configuration
300
TCP Attack Protection Overview
300
Enabling the SYN Cookie Feature
301
Enabling Protection against Naptha Attacks
301
Displaying and Maintaining TCP Attack Protection
302
IP Source Guard Configuration
302
IP Source Guard Overview
302
IP Source Guard Entries
303
Configuring Ipv4 Source Guard
303
Configuring Static Ipv4 Source Guard
304
Configuring Dynamic Ipv4 Source Guard
305
Setting the Maximum Number of Ipv4 Source Guard Entries
305
Configuring Ipv6 Source Guard
305
Configuring Static Ipv6 Source Guard
306
Configuring Dynamic Ipv6 Source Guard
307
Setting the Maximum Number of Ipv6 Source Guard Entries
307
Displaying and Maintaining IP Source Guard
308
IP Source Guard Configuration Examples
308
Static Ipv4 Source Guard Configuration Example
309
Dynamic Ipv4 Source Guard Using DHCP Snooping Configuration Example
311
Dynamic Ipv4 Source Guard Using DHCP Relay Configuration Example
312
Static Ipv6 Source Guard Configuration Example
312
Dynamic Ipv6 Source Guard Using Dhcpv6 Snooping Configuration Example
314
Dynamic Ipv6 Source Guard Using ND Snooping Configuration Example
315
Troubleshooting IP Source Guard
315
Neither Static nor Dynamic IP Source Guard Can Be Configured
316
ARP Attack Protection Configuration
316
ARP Attack Protection Overview
316
ARP Attack Protection Configuration Task List
317
Configuring ARP Packet Rate Limit
318
Configuring Source MAC Address Based ARP Attack Detection
318
Introduction
318
Configuration Procedure
319
Displaying and Maintaining Source MAC Address Based ARP Attack Detection
319
Configuring ARP Packet Source MAC Address Consistency Check
319
Introduction
319
Configuration Procedure
319
Configuring ARP Active Acknowledgement
320
Configuring ARP Detection
320
Introduction
320
Security Entries/Oui MAC Addresses
321
Configuring ARP Detection Based On Specified Objects
322
Configuring ARP Restricted Forwarding
322
Displaying and Maintaining ARP Detection
323
ARP Detection Configuration Example I
324
ARP Detection Configuration Example II
325
ARP Restricted Forwarding Configuration Example
327
Configuring ARP Gateway Protection
327
Introduction
327
Configuration Procedure
328
ARP Gateway Protection Configuration Example
329
Configuring ARP Filtering
329
Introduction
329
Configuration Procedure
329
ARP Filtering Configuration Example
331
ND Attack Defense Configuration
331
Introduction to ND Attack Defense
332
Enabling Source MAC Consistency Check for ND Packets
332
Configuring the ND Detection Function
332
Introduction to ND Detection
333
Configuring ND Detection
334
Displaying and Maintaining ND Detection
334
ND Detection Configuration Example
337
SAVI Configuration
337
SAVI Overview
337
Global SAVI Configuration
338
SAVI Configuration in Dhcpv6-Only Address Assignment Scenario
340
SAVI Configuration in Slaac-Only Address Assignment Scenario
342
SAVI Configuration in Dhcpv6+Slaac Address Assignment Scenario
345
System-Guard Configuration
345
Configuring System-Guard
346
Displaying System-Guard
346
System-Guard Configuration Example
346
Network Requirements
346
Configuration Procedure
HP 5120 SI Series Installation Manual (48 pages)
Brand:
HP
| Category:
Switch
| Size: 2.35 MB
Table of Contents
1
Installation Guide
3
Table of Contents
5
Preparing for Installation
5
Safety Recommendations
6
Examining the Installation Site
6
Temperature/Humidity
6
Cleanliness
7
Emi
7
Laser Safety
7
Installation Tools
8
Installation Accessories
10
Installing the Switch
10
Installing the Switch in a 19-Inch Rack
11
Mounting Brackets and Mounting Positions
11
Attaching the Mounting Brackets to the Switch Chassis
13
Rack-Mounting the Switch
15
Mounting the Switch On a Workbench
15
Grounding the Switch
15
Grounding the Switch with a Grounding Strip
17
Grounding the Switch with a Grounding Conductor Buried in the Earth Ground
18
Grounding the Switch By Using the AC Power Cord
19
Connecting the Power Cord
19
Connecting the AC Power Cord
19
Connecting the Switch to a -52 to -55 VDC Output RPS
20
Verifying the Installation
21
Accessing the Switch for the First Time
21
Setting Up the Configuration Environment
21
Connecting the Console Cable
21
Console Cable
22
Setting Terminal Parameters
22
Powering On the Switch
23
Setting Up an IRF Fabric
23
IRF Fabric Setup Flowchart
24
Planning IRF Fabric Setup
24
Planning IRF Fabric Size and the Installation Site
24
Identifying the Master Switch and Planning IRF Member Ids
25
Planning IRF Topology and Connections
26
Identifying Physical IRF Ports On the Member Switches
26
Planning the Cabling Scheme
27
Configuring Basic IRF Settings
27
Connecting the Physical IRF Ports
27
Accessing the IRF Fabric to Verify the Configuration
28
Maintenance and Troubleshooting
28
Power Supply Failure
29
Configuration Terminal Problems
30
Appendix A Chassis Views and Technical Specifications
30
Chassis Views
30
5120 16G Si
31
5120 48G Si
31
5120 8G Poe+ (65W) SI
32
5120 8G Poe+ (180W) SI
33
5120 24G Poe+ (370W) SI
34
Technical Specifications
34
Chassis Dimensions and Weights
34
Ports
34
Environmental Specifications
34
Power Specifications
34
Power Input Types
35
AC Input Voltage Specifications
35
RPS DC Input Voltage Specifications and RPS Compatibility
35
Power Consumption Specifications for Non-Poe Switches
35
Power Consumption Specifications for Poe Switches
35
Cooling System
37
Appendix B Frus and Compatibility Matrixes
37
SFP Transceiver Modules and SFP Stacking Kit
39
Appendix C Ports and Leds
39
Ports
39
Console Port
39
10/100/1000Base-T Ethernet Port
39
SFP Port
39
Leds
40
Power LED
40
RPS Status LED
40
Port Mode LED
41
10/100/1000Base-T Ethernet Port LED
42
1000Base-X SFP Port LED
Advertisement
HP 5120 SI Series Specification (33 pages)
5120 SI Switch Series
Brand:
HP
| Category:
Switch
| Size: 0.57 MB
Table of Contents
1
Key Features
1
Product Overview
1
Features and Benefits
4
Additional Information
8
Technical Specifications
Share and save
Advertisement
Related Products
HP HP 5120 series
HP 5120 EI Series
HP 5120-48G EI TAA
HP 5120-48G-PoE+ EI
HP 5120-24G EI TAA
HP 5120-48G-PoE+ EI
HP 5120-24G-PoE+ EI
HP 5120-24G SI
HP 5120-24G-PoE+ 170W SI
HP 5120-48G SI
HP Categories
Desktop
Laptop
Server
Switch
Monitor
More HP Manuals
×
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
×
Upload manual
Upload from disk
Upload from URL