HP 5120 SI Series Manuals
Manuals and User Guides for HP 5120 SI Series. We have 4 HP 5120 SI Series manuals available for free PDF download: Command Reference Manual, Security Configuration Manual, Installation Manual, Specification
HP 5120 SI Series Command Reference Manual (395 pages)
Table of contents
Command Reference1................................................................................................................................................................
Table Of Contents3................................................................................................................................................................
Aaa Configuration Commands12................................................................................................................................................................
Accounting Command13................................................................................................................................................................
Accounting Default14................................................................................................................................................................
Accounting Lan-access15................................................................................................................................................................
Accounting Optional16................................................................................................................................................................
Accounting Portal17................................................................................................................................................................
Authentication Default18................................................................................................................................................................
Authentication Lan-access19................................................................................................................................................................
Authentication Portal20................................................................................................................................................................
Authentication Super21................................................................................................................................................................
Authorization Command22................................................................................................................................................................
Authorization Default23................................................................................................................................................................
Authorization Lan-access24................................................................................................................................................................
Authorization Login25................................................................................................................................................................
Authorization Portal26................................................................................................................................................................
Cut Connection27................................................................................................................................................................
Display Connection28................................................................................................................................................................
Display Domain31................................................................................................................................................................
Domain32................................................................................................................................................................
Domain Default Enable33................................................................................................................................................................
Idle-cut Enable34................................................................................................................................................................
Nas-id Bind Vlan35................................................................................................................................................................
State36................................................................................................................................................................
Local User Configuration Commands37................................................................................................................................................................
Authorization-attribute (local User View/user Group View)38................................................................................................................................................................
Bind-attribute39................................................................................................................................................................
Display Local-user40................................................................................................................................................................
Display User-group42................................................................................................................................................................
Expiration-date (local User View)43................................................................................................................................................................
Group44................................................................................................................................................................
Password45................................................................................................................................................................
Service-type46................................................................................................................................................................
State(local User View)47................................................................................................................................................................
User-group48................................................................................................................................................................
Radius Configuration Commands49................................................................................................................................................................
Attribute 25 Car50................................................................................................................................................................
Display Radius Scheme51................................................................................................................................................................
Display Radius Statistics54................................................................................................................................................................
Display Stop-accounting-buffer57................................................................................................................................................................
Key (radius Scheme View)58................................................................................................................................................................
Nas-ip (radius Scheme View)59................................................................................................................................................................
Primary Accounting (radius Scheme View)60................................................................................................................................................................
Primary Authentication (radius Scheme View)61................................................................................................................................................................
Radius Client63................................................................................................................................................................
Radius Nas-ip64................................................................................................................................................................
Radius Scheme65................................................................................................................................................................
Radius Trap66................................................................................................................................................................
Reset Radius Statistics67................................................................................................................................................................
Retry68................................................................................................................................................................
Retry Realtime-accounting69................................................................................................................................................................
Retry Stop-accounting (radius Scheme View)70................................................................................................................................................................
Secondary Authentication (radius Scheme View)72................................................................................................................................................................
Security-policy-server74................................................................................................................................................................
Server-type75................................................................................................................................................................
State Primary76................................................................................................................................................................
Stop-accounting-buffer Enable (radius Scheme View)77................................................................................................................................................................
Timer Quiet (radius Scheme View)78................................................................................................................................................................
Timer Realtime-accounting (radius Scheme View)79................................................................................................................................................................
Timer Response-timeout (radius Scheme View)80................................................................................................................................................................
Hwtacacs Configuration Commands81................................................................................................................................................................
Display Hwtacacs82................................................................................................................................................................
Hwtacacs Scheme86................................................................................................................................................................
Key (hwtacacs Scheme View)87................................................................................................................................................................
Nas-ip (hwtacacs Scheme View)88................................................................................................................................................................
Primary Accounting (hwtacacs Scheme View)89................................................................................................................................................................
Primary Authentication (hwtacacs Scheme View)90................................................................................................................................................................
Primary Authorization91................................................................................................................................................................
Reset Hwtacacs Statistics92................................................................................................................................................................
Reset Stop-accounting-buffer93................................................................................................................................................................
Secondary Accounting (hwtacacs Scheme View)94................................................................................................................................................................
Secondary Authentication (hwtacacs Scheme View)95................................................................................................................................................................
Secondary Authorization96................................................................................................................................................................
Stop-accounting-buffer Enable (hwtacacs Scheme View)98................................................................................................................................................................
Timer Realtime-accounting (hwtacacs Scheme View)99................................................................................................................................................................
Timer Response-timeout (hwtacacs Scheme View)100................................................................................................................................................................
X Configuration Commands102................................................................................................................................................................
Dot1x105................................................................................................................................................................
Dot1x Authentication-method106................................................................................................................................................................
Dot1x Auth-fail Vlan107................................................................................................................................................................
Dot1x Critical Vlan108................................................................................................................................................................
Dot1x Critical Recovery-action109................................................................................................................................................................
Dot1x Domain-delimiter110................................................................................................................................................................
Dot1x Guest-vlan111................................................................................................................................................................
Dot1x Handshake112................................................................................................................................................................
Dot1x Handshake Secure113................................................................................................................................................................
Dot1x Max-user114................................................................................................................................................................
Dot1x Multicast-trigger116................................................................................................................................................................
Dot1x Port-method117................................................................................................................................................................
Dot1x Quiet-period118................................................................................................................................................................
Dot1x Re-authenticate119................................................................................................................................................................
Dot1x Retry120................................................................................................................................................................
Dot1x Timer121................................................................................................................................................................
Dot1x Unicast-trigger122................................................................................................................................................................
Reset Dot1x Statistics123................................................................................................................................................................
Ead Fast Deployment Configuration Commands124................................................................................................................................................................
Dot1x Url125................................................................................................................................................................
Mac Authentication Configuration Commands127................................................................................................................................................................
Mac-authentication129................................................................................................................................................................
Mac-authentication Critical Vlan130................................................................................................................................................................
Mac-authentication Domain131................................................................................................................................................................
Mac-authentication Guest-vlan132................................................................................................................................................................
Mac-authentication Max-user133................................................................................................................................................................
Mac-authentication User-name-format134................................................................................................................................................................
Reset Mac-authentication Statistics135................................................................................................................................................................
Portal Configuration Commands137................................................................................................................................................................
Display Portal Connection Statistics140................................................................................................................................................................
Display Portal Free-rule143................................................................................................................................................................
Display Portal Interface145................................................................................................................................................................
Display Portal Local-server146................................................................................................................................................................
Display Portal Server147................................................................................................................................................................
Display Portal Server Statistics148................................................................................................................................................................
Display Portal Tcp-cheat Statistics150................................................................................................................................................................
Display Portal User152................................................................................................................................................................
Portal Auth-fail Vlan153................................................................................................................................................................
Portal Auth-network154................................................................................................................................................................
Portal Delete-user155................................................................................................................................................................
Portal Free-rule156................................................................................................................................................................
Portal Local-server157................................................................................................................................................................
Portal Local-server Enable158................................................................................................................................................................
Portal Local-server Ip159................................................................................................................................................................
Portal Max-user160................................................................................................................................................................
Portal Nas-id-profile161................................................................................................................................................................
Portal Nas-ip162................................................................................................................................................................
Portal Offline-detect Interval163................................................................................................................................................................
Portal Redirect-url164................................................................................................................................................................
Portal Server165................................................................................................................................................................
Portal Server Banner166................................................................................................................................................................
Portal Server Server-detect167................................................................................................................................................................
Portal Server User-sync169................................................................................................................................................................
Portal Web-proxy Port170................................................................................................................................................................
Reset Portal Connection Statistics171................................................................................................................................................................
Reset Portal Server Statistics172................................................................................................................................................................
Port Security Configuration Commands173................................................................................................................................................................
Display Port-security Mac-address Block175................................................................................................................................................................
Display Port-security Mac-address Security177................................................................................................................................................................
Port-security Authorization Ignore179................................................................................................................................................................
Port-security Enable180................................................................................................................................................................
Port-security Mac-address Security181................................................................................................................................................................
Port-security Max-mac-count182................................................................................................................................................................
Port-security Ntk-mode183................................................................................................................................................................
Port-security Oui184................................................................................................................................................................
Port-security Timer Disableport187................................................................................................................................................................
User Profile Configuration Commands189................................................................................................................................................................
User-profile Enable190................................................................................................................................................................
Password Control Configuration Commands192................................................................................................................................................................
Display Password-control Blacklist193................................................................................................................................................................
Password-control Aging195................................................................................................................................................................
Password-control Alert-before-expire196................................................................................................................................................................
Password-control Authentication-timeout197................................................................................................................................................................
Password-control Composition198................................................................................................................................................................
Password-control { Aging | Composition | History | Length } Enable199................................................................................................................................................................
Password-control Enable200................................................................................................................................................................
Password-control Expired-user-login201................................................................................................................................................................
Password-control Length202................................................................................................................................................................
Password-control Login Idle-time203................................................................................................................................................................
Password-control Password Update Interval205................................................................................................................................................................
Password-control Super Composition206................................................................................................................................................................
Password-control Super Length207................................................................................................................................................................
Reset Password-control History-record208................................................................................................................................................................
Habp Configuration Commands209................................................................................................................................................................
Display Habp Table210................................................................................................................................................................
Habp Client Vlan211................................................................................................................................................................
Habp Enable212................................................................................................................................................................
Habp Timer213................................................................................................................................................................
Public Key Configuration Commands214................................................................................................................................................................
Display Public-key Peer216................................................................................................................................................................
Peer-public-key End217................................................................................................................................................................
Public-key-code End218................................................................................................................................................................
Public-key Local Create219................................................................................................................................................................
Public-key Local Destroy220................................................................................................................................................................
Public-key Local Export Rsa222................................................................................................................................................................
Public-key Peer223................................................................................................................................................................
Pki Configuration Commands225................................................................................................................................................................
Ca Identifier226................................................................................................................................................................
Certificate Request From227................................................................................................................................................................
Certificate Request Mode228................................................................................................................................................................
Certificate Request Url229................................................................................................................................................................
Common-name230................................................................................................................................................................
Crl Check231................................................................................................................................................................
Crl Url232................................................................................................................................................................
Display Pki Certificate233................................................................................................................................................................
Display Pki Certificate Access-control-policy234................................................................................................................................................................
Display Pki Certificate Attribute-group235................................................................................................................................................................
Display Pki Crl Domain236................................................................................................................................................................
Fqdn238................................................................................................................................................................
Ldap-server239................................................................................................................................................................
Locality240................................................................................................................................................................
Organization-unit241................................................................................................................................................................
Pki Certificate Attribute-group242................................................................................................................................................................
Pki Domain243................................................................................................................................................................
Pki Import-certificate244................................................................................................................................................................
Pki Request-certificate Domain245................................................................................................................................................................
Pki Retrieval-certificate246................................................................................................................................................................
Pki Validate-certificate247................................................................................................................................................................
Rule (pki Cert Acp View)248................................................................................................................................................................
Ssh2.0 Configuration Commands250................................................................................................................................................................
Display Ssh User-information251................................................................................................................................................................
Ssh Server Authentication-retries252................................................................................................................................................................
Ssh Server Authentication-timeout253................................................................................................................................................................
Ssh Server Compatible-ssh1x254................................................................................................................................................................
Ssh Server Rekey-interval255................................................................................................................................................................
Ssh User256................................................................................................................................................................
Ssh2.0 Client Configuration Commands257................................................................................................................................................................
Display Ssh Server-info258................................................................................................................................................................
Ssh Client Authentication Server259................................................................................................................................................................
Ssh Client Ipv6 Source260................................................................................................................................................................
Ssh Client Source261................................................................................................................................................................
Ssh2 Ipv6263................................................................................................................................................................
Sftp Configuration Commands265................................................................................................................................................................
Sftp Client Configuration Commands266................................................................................................................................................................
Cdup267................................................................................................................................................................
Display Sftp Client Source269................................................................................................................................................................
Help270................................................................................................................................................................
Mkdir272................................................................................................................................................................
Quit273................................................................................................................................................................
Remove274................................................................................................................................................................
Rmdir275................................................................................................................................................................
Sftp Client Ipv6 Source276................................................................................................................................................................
Sftp Client Source277................................................................................................................................................................
Sftp Ipv6278................................................................................................................................................................
Scp Configuration Commands280................................................................................................................................................................
Ssl Configuration Commands282................................................................................................................................................................
Client-verify Enable283................................................................................................................................................................
Display Ssl Client-policy284................................................................................................................................................................
Display Ssl Server-policy285................................................................................................................................................................
Handshake Timeout286................................................................................................................................................................
Pki-domain287................................................................................................................................................................
Prefer-cipher288................................................................................................................................................................
Session289................................................................................................................................................................
Ssl Client-policy290................................................................................................................................................................
Version291................................................................................................................................................................
Tcp Attack Protection Configuration Commands293................................................................................................................................................................
Tcp Anti-naptha Enable294................................................................................................................................................................
Tcp Syn-cookie Enable295................................................................................................................................................................
Tcp Timer Check-state296................................................................................................................................................................
Ip Source Guard Configuration Commands297................................................................................................................................................................
Display User-bind298................................................................................................................................................................
Ip Check Source300................................................................................................................................................................
Ip Check Source Max-entries301................................................................................................................................................................
User-bind302................................................................................................................................................................
User-bind Ipv6303................................................................................................................................................................
Arp Attack Protection Configuration Commands304................................................................................................................................................................
Arp Anti-attack Source-mac Aging-time305................................................................................................................................................................
Arp Anti-attack Source-mac Exclude-mac306................................................................................................................................................................
Display Arp Anti-attack Source-mac307................................................................................................................................................................
Arp Packet Source Mac Address Consistency Check Configuration Commands308................................................................................................................................................................
Arp Detection Configuration Commands309................................................................................................................................................................
Arp Detection Trust310................................................................................................................................................................
Arp Restricted-forwarding Enable311................................................................................................................................................................
Display Arp Detection Statistics312................................................................................................................................................................
Reset Arp Detection Statistics313................................................................................................................................................................
Arp Gateway Protection Configuration Commands314................................................................................................................................................................
Nd Attack Defense Configuration Commands316................................................................................................................................................................
Display Ipv6 Nd Detection Statistics317................................................................................................................................................................
Ipv6 Nd Detection Enable318................................................................................................................................................................
Ipv6 Nd Detection Trust319................................................................................................................................................................
Savi Configuration Commands321................................................................................................................................................................
Ipv6 Savi Down-delay322................................................................................................................................................................
System-guard Configuration Commands324................................................................................................................................................................
System-guard Aging Time325................................................................................................................................................................
System-guard Detect-threshold326................................................................................................................................................................
System-guard Rate-limit327................................................................................................................................................................
Fips Configuration Commands328................................................................................................................................................................
Fips Self-test329................................................................................................................................................................
Ipsec Configuration Commands330................................................................................................................................................................
Display Ipsec Policy331................................................................................................................................................................
Display Ipsec Proposal334................................................................................................................................................................
Display Ipsec Sa335................................................................................................................................................................
Display Ipsec Session338................................................................................................................................................................
Display Ipsec Statistics339................................................................................................................................................................
Display Ipsec Tunnel341................................................................................................................................................................
Encapsulation-mode342................................................................................................................................................................
Esp Authentication-algorithm343................................................................................................................................................................
Ike-peer (ipsec Policy View)344................................................................................................................................................................
Ipsec Anti-replay Check345................................................................................................................................................................
Ipsec Decrypt Check346................................................................................................................................................................
Ipsec Policy (system View)347................................................................................................................................................................
Ipsec Proposal348................................................................................................................................................................
Ipsec Sa Global-duration349................................................................................................................................................................
Policy Enable351................................................................................................................................................................
Qos Pre-classify352................................................................................................................................................................
Reset Ipsec Sa353................................................................................................................................................................
Reset Ipsec Session354................................................................................................................................................................
Sa Authentication-hex355................................................................................................................................................................
Sa Duration356................................................................................................................................................................
Sa Encryption-hex357................................................................................................................................................................
Security Acl358................................................................................................................................................................
Transform359................................................................................................................................................................
Tunnel Local360................................................................................................................................................................
Tunnel Remote361................................................................................................................................................................
Ike Configuration Commands362................................................................................................................................................................
Certificate Domain363................................................................................................................................................................
Display Ike Dpd364................................................................................................................................................................
Display Ike Peer365................................................................................................................................................................
Display Ike Proposal366................................................................................................................................................................
Display Ike Sa367................................................................................................................................................................
Encryption-algorithm371................................................................................................................................................................
Exchange-mode372................................................................................................................................................................
Ike Local-name373................................................................................................................................................................
Ike Next-payload Check Disabled374................................................................................................................................................................
Ike Peer (system View)375................................................................................................................................................................
Ike Sa Keepalive-timer Interval376................................................................................................................................................................
Ike Sa Nat-keepalive-timer Interval377................................................................................................................................................................
Interval-time378................................................................................................................................................................
Local-name379................................................................................................................................................................
Nat Traversal380................................................................................................................................................................
Pre-shared-key381................................................................................................................................................................
Remote-address382................................................................................................................................................................
Remote-name383................................................................................................................................................................
Reset Ike Sa384................................................................................................................................................................
Support And Other Resources387................................................................................................................................................................
Conventions388................................................................................................................................................................
Index390................................................................................................................................................................
Advertisement
HP 5120 SI Series Security Configuration Manual (385 pages)
Brand: HP | Category: Network Router | Size: 3.63 MB
Table of contents
Configuration Guide1................................................................................................................................................................
Table Of Contents3................................................................................................................................................................
Aaa Configuration13................................................................................................................................................................
Radius14................................................................................................................................................................
Hwtacacs20................................................................................................................................................................
Domain-based User Management22................................................................................................................................................................
Protocols And Standards23................................................................................................................................................................
Fips Compliance26................................................................................................................................................................
Configuring Aaa Schemes28................................................................................................................................................................
Configuring Radius Schemes32................................................................................................................................................................
Configuring Hwtacacs Schemes43................................................................................................................................................................
Configuring Aaa Methods For Isp Domains48................................................................................................................................................................
Configuration Prerequisites49................................................................................................................................................................
Configuring Aaa Authentication Methods For An Isp Domain50................................................................................................................................................................
Configuring Aaa Authorization Methods For An Isp Domain52................................................................................................................................................................
Configuring Aaa Accounting Methods For An Isp Domain54................................................................................................................................................................
Tearing Down User Connections Forcibly55................................................................................................................................................................
Displaying And Maintaining Aaa56................................................................................................................................................................
Aaa For Telnet Users By Separate Servers58................................................................................................................................................................
Authentication/authorization For Ssh/telnet Users By A Radius Server59................................................................................................................................................................
Level Switching Authentication For Telnet Users By An Hwtacacs Server63................................................................................................................................................................
Troubleshooting Aaa67................................................................................................................................................................
Troubleshooting Hwtacacs68................................................................................................................................................................
X Fundamentals69................................................................................................................................................................
X-related Protocols70................................................................................................................................................................
Eap Over Radius72................................................................................................................................................................
X Authentication Procedures73................................................................................................................................................................
Eap Relay74................................................................................................................................................................
Eap Termination75................................................................................................................................................................
X Configuration77................................................................................................................................................................
Configuring 802.1x82................................................................................................................................................................
Enabling 802.1x83................................................................................................................................................................
Specifying Eap Relay Or Eap Termination84................................................................................................................................................................
Specifying An Access Control Method85................................................................................................................................................................
Setting The Maximum Number Of Authentication Request Attempts86................................................................................................................................................................
Configuring The Online User Handshake Function87................................................................................................................................................................
Configuring The Authentication Trigger Function88................................................................................................................................................................
Enabling The Quiet Timer89................................................................................................................................................................
Configuring An 802.1x Guest Vlan90................................................................................................................................................................
Configuring An Auth-fail Vlan91................................................................................................................................................................
Configuring An 802.1x Critical Vlan92................................................................................................................................................................
Specifying Supported Domain Name Delimiters93................................................................................................................................................................
X Configuration Examples94................................................................................................................................................................
X With Guest Vlan And Vlan Assignment Configuration Example96................................................................................................................................................................
X With Acl Assignment Configuration Example99................................................................................................................................................................
Ead Fast Deployment Configuration101................................................................................................................................................................
Configuration Procedure102................................................................................................................................................................
Displaying And Maintaining Ead Fast Deployment103................................................................................................................................................................
Troubleshooting Ead Fast Deployment105................................................................................................................................................................
Mac Authentication Configuration107................................................................................................................................................................
Mac Authentication Timers108................................................................................................................................................................
Acl Assignment109................................................................................................................................................................
Basic Configuration For Mac Authentication110................................................................................................................................................................
Specifying An Authentication Domain For Mac Authentication Users111................................................................................................................................................................
Configuring A Mac Authentication Guest Vlan112................................................................................................................................................................
Configuring A Mac Authentication Critical Vlan113................................................................................................................................................................
Mac Authentication Configuration Examples114................................................................................................................................................................
Radius-based Mac Authentication Configuration Example115................................................................................................................................................................
Acl Assignment Configuration Example117................................................................................................................................................................
Portal Configuration120................................................................................................................................................................
Portal System Using The Local Portal Server122................................................................................................................................................................
Portal Authentication Modes123................................................................................................................................................................
Layer 2 Portal Authentication Process124................................................................................................................................................................
Layer 3 Portal Authentication Process125................................................................................................................................................................
Portal Configuration Task List128................................................................................................................................................................
Specifying The Portal Server130................................................................................................................................................................
Configuring The Local Portal Server131................................................................................................................................................................
Enabling Portal Authentication135................................................................................................................................................................
Controlling Access Of Portal Users136................................................................................................................................................................
Configuring An Authentication Source Subnet137................................................................................................................................................................
Setting The Maximum Number Of Online Portal Users138................................................................................................................................................................
Configuring Layer 2 Portal Authentication To Support Web Proxy139................................................................................................................................................................
Specifying An Auth-fail Vlan For Portal Authentication140................................................................................................................................................................
Specifying Nas-port-type For An Interface141................................................................................................................................................................
Specifying A Source Ip Address For Outgoing Portal Packets142................................................................................................................................................................
Configuring Portal Detection Functions143................................................................................................................................................................
Configuring Portal User Information Synchronization145................................................................................................................................................................
Logging Off Portal Users146................................................................................................................................................................
Portal Configuration Examples147................................................................................................................................................................
Configuring Cross-subnet Portal Authentication154................................................................................................................................................................
Configuring Direct Portal Authentication With Extended Functions156................................................................................................................................................................
Configuring Cross-subnet Portal Authentication With Extended Functions158................................................................................................................................................................
Configuring Portal Server Detection And Portal User Information Synchronization160................................................................................................................................................................
Configuring Layer 2 Portal Authentication168................................................................................................................................................................
Troubleshooting Portal171................................................................................................................................................................
Incorrect Server Port Number On The Access Device172................................................................................................................................................................
Triple Authentication Configuration173................................................................................................................................................................
Extended Functions174................................................................................................................................................................
Triple Authentication Configuration Task List175................................................................................................................................................................
Triple Authentication Supporting Vlan Assignment And Auth-fail Vlan Configuration Example178................................................................................................................................................................
Port Security Configuration183................................................................................................................................................................
Port Security Features184................................................................................................................................................................
Support For Guest Vlan And Auth-fail Vlan186................................................................................................................................................................
Port Security Configuration Task List187................................................................................................................................................................
Setting The Maximum Number Of Secure Mac Addresses188................................................................................................................................................................
Configuring Port Security Features190................................................................................................................................................................
Configuring Port Security Traps191................................................................................................................................................................
Displaying And Maintaining Port Security193................................................................................................................................................................
Configuring The Userloginwithoui Mode195................................................................................................................................................................
Verify The Configuration197................................................................................................................................................................
Configuring The Macaddresselseuserloginsecure Mode199................................................................................................................................................................
Configuration Information200................................................................................................................................................................
Troubleshooting Port Security202................................................................................................................................................................
Cannot Change Port Security Mode When A User Is Online203................................................................................................................................................................
User Profile Configuration204................................................................................................................................................................
Creating A User Profile205................................................................................................................................................................
Enabling A User Profile206................................................................................................................................................................
Password Control Configuration207................................................................................................................................................................
Password Control Configuration Task List210................................................................................................................................................................
Setting Global Password Control Parameters211................................................................................................................................................................
Setting User Group Password Control Parameters212................................................................................................................................................................
Setting Local User Password Control Parameters213................................................................................................................................................................
Setting A Local User Password In Interactive Mode214................................................................................................................................................................
Password Control Configuration Example215................................................................................................................................................................
Habp Configuration218................................................................................................................................................................
Configuring Habp219................................................................................................................................................................
Displaying And Maintaining Habp220................................................................................................................................................................
Public Key Configuration223................................................................................................................................................................
Asymmetric Key Algorithm Applications224................................................................................................................................................................
Displaying Or Exporting The Local Rsa Or Dsa Host Public Key225................................................................................................................................................................
Configuring A Remote Host's Public Key226................................................................................................................................................................
Displaying And Maintaining Public Keys227................................................................................................................................................................
Importing A Remote Host's Public Key From A Public Key File229................................................................................................................................................................
Pki Configuration232................................................................................................................................................................
Architecture Of Pki233................................................................................................................................................................
Applications Of Pki234................................................................................................................................................................
Pki Configuration Task List235................................................................................................................................................................
Configuring A Pki Domain236................................................................................................................................................................
Submitting A Pki Certificate Request238................................................................................................................................................................
Submitting A Certificate Request In Manual Mode239................................................................................................................................................................
Retrieving A Certificate Manually240................................................................................................................................................................
Destroying A Local Rsa Key Pair242................................................................................................................................................................
Displaying And Maintaining Pki243................................................................................................................................................................
Network Requirements244................................................................................................................................................................
Requesting A Certificate From A Ca Running Windows 2003 Server247................................................................................................................................................................
Configuring A Certificate Attribute-based Access Control Policy250................................................................................................................................................................
Troubleshooting Pki251................................................................................................................................................................
Failed To Request A Local Certificate252................................................................................................................................................................
Failed To Retrieve Crls253................................................................................................................................................................
Ssh2.0 Configuration254................................................................................................................................................................
Enabling The Ssh Server Function258................................................................................................................................................................
Configuring A Client Public Key259................................................................................................................................................................
Configuring An Ssh User260................................................................................................................................................................
Setting The Ssh Management Parameters261................................................................................................................................................................
Configuring The Device As An Ssh Client262................................................................................................................................................................
Establishing A Connection Between The Ssh Client And Server263................................................................................................................................................................
Displaying And Maintaining Ssh264................................................................................................................................................................
Ssh Server Configuration Examples265................................................................................................................................................................
When Switch Acts As Server For Publickey Authentication267................................................................................................................................................................
Ssh Client Configuration Examples272................................................................................................................................................................
When Switch Acts As Client For Publickey Authentication275................................................................................................................................................................
Sftp Configuration278................................................................................................................................................................
Configuring The Sftp Connection Idle Timeout Period279................................................................................................................................................................
Working With Sftp Directories280................................................................................................................................................................
Working With Sftp Files281................................................................................................................................................................
Sftp Client Configuration Example282................................................................................................................................................................
Sftp Server Configuration Example285................................................................................................................................................................
Scp Configuration288................................................................................................................................................................
Configuring The Switch As The Scp Client289................................................................................................................................................................
Scp Server Configuration Example290................................................................................................................................................................
Ssl Configuration292................................................................................................................................................................
Ssl Protocol Stack293................................................................................................................................................................
Ssl Server Policy Configuration Example295................................................................................................................................................................
Configuring An Ssl Client Policy297................................................................................................................................................................
Displaying And Maintaining Ssl298................................................................................................................................................................
Tcp Attack Protection Configuration300................................................................................................................................................................
Enabling Protection Against Naptha Attacks301................................................................................................................................................................
Ip Source Guard Configuration302................................................................................................................................................................
Configuring Ipv4 Source Guard303................................................................................................................................................................
Configuring Dynamic Ipv4 Source Guard304................................................................................................................................................................
Setting The Maximum Number Of Ipv4 Source Guard Entries305................................................................................................................................................................
Configuring Dynamic Ipv6 Source Guard306................................................................................................................................................................
Setting The Maximum Number Of Ipv6 Source Guard Entries307................................................................................................................................................................
Ip Source Guard Configuration Examples308................................................................................................................................................................
Dynamic Ipv4 Source Guard Using Dhcp Snooping Configuration Example309................................................................................................................................................................
Dynamic Ipv4 Source Guard Using Dhcp Relay Configuration Example311................................................................................................................................................................
Static Ipv6 Source Guard Configuration Example312................................................................................................................................................................
Dynamic Ipv6 Source Guard Using Nd Snooping Configuration Example314................................................................................................................................................................
Troubleshooting Ip Source Guard315................................................................................................................................................................
Arp Attack Protection Configuration316................................................................................................................................................................
Configuring Arp Packet Rate Limit317................................................................................................................................................................
Configuring Source Mac Address Based Arp Attack Detection318................................................................................................................................................................
Displaying And Maintaining Source Mac Address Based Arp Attack Detection319................................................................................................................................................................
Configuring Arp Detection320................................................................................................................................................................
Configuring Arp Detection Based On Specified Objects321................................................................................................................................................................
Configuring Arp Restricted Forwarding322................................................................................................................................................................
Arp Detection Configuration Example I323................................................................................................................................................................
Arp Detection Configuration Example Ii324................................................................................................................................................................
Arp Restricted Forwarding Configuration Example325................................................................................................................................................................
Configuring Arp Gateway Protection327................................................................................................................................................................
Arp Gateway Protection Configuration Example328................................................................................................................................................................
Configuring Arp Filtering329................................................................................................................................................................
Nd Attack Defense Configuration331................................................................................................................................................................
Enabling Source Mac Consistency Check For Nd Packets332................................................................................................................................................................
Configuring Nd Detection333................................................................................................................................................................
Displaying And Maintaining Nd Detection334................................................................................................................................................................
Savi Configuration337................................................................................................................................................................
Savi Configuration In Dhcpv6-only Address Assignment Scenario338................................................................................................................................................................
Savi Configuration In Slaac-only Address Assignment Scenario340................................................................................................................................................................
Savi Configuration In Dhcpv6+slaac Address Assignment Scenario342................................................................................................................................................................
System-guard Configuration345................................................................................................................................................................
Displaying System-guard346................................................................................................................................................................
Configuring Fips347................................................................................................................................................................
Triggering A Self-test349................................................................................................................................................................
Verifying The Configuration350................................................................................................................................................................
Configuring Ipsec352................................................................................................................................................................
Configuring Acls356................................................................................................................................................................
Configuring An Ipsec Proposal357................................................................................................................................................................
Configuring An Ipsec Policy358................................................................................................................................................................
Applying An Ipsec Policy Group To An Interface361................................................................................................................................................................
Configuring The Ipsec Session Idle Timeout362................................................................................................................................................................
Configuring The Ipsec Anti-replay Function363................................................................................................................................................................
Displaying And Maintaining Ipsec364................................................................................................................................................................
Configuring Ike367................................................................................................................................................................
Ike Functions368................................................................................................................................................................
Relationship Between Ike And Ipsec369................................................................................................................................................................
Configuring A Name For The Local Security Gateway370................................................................................................................................................................
Configuring An Ike Peer371................................................................................................................................................................
Setting Keepalive Timers373................................................................................................................................................................
Configuring A Dpd Detector374................................................................................................................................................................
Displaying And Maintaining Ike375................................................................................................................................................................
Troubleshooting Ike378................................................................................................................................................................
Failing To Establish An Ipsec Tunnel379................................................................................................................................................................
Support And Other Resources380................................................................................................................................................................
Command Conventions381................................................................................................................................................................
HP 5120 SI Series Installation Manual (48 pages)
Table of contents
Installation Guide1................................................................................................................................................................
Table Of Contents3................................................................................................................................................................
Preparing For Installation5................................................................................................................................................................
Examining The Installation Site6................................................................................................................................................................
Laser Safety7................................................................................................................................................................
Installation Accessories8................................................................................................................................................................
Installing The Switch10................................................................................................................................................................
Mounting Brackets And Mounting Positions11................................................................................................................................................................
Rack-mounting The Switch13................................................................................................................................................................
Mounting The Switch On A Workbench15................................................................................................................................................................
Grounding The Switch With A Grounding Conductor Buried In The Earth Ground17................................................................................................................................................................
Grounding The Switch By Using The Ac Power Cord18................................................................................................................................................................
Connecting The Power Cord19................................................................................................................................................................
Verifying The Installation20................................................................................................................................................................
Accessing The Switch For The First Time21................................................................................................................................................................
Setting Terminal Parameters22................................................................................................................................................................
Setting Up An Irf Fabric23................................................................................................................................................................
Planning Irf Fabric Setup24................................................................................................................................................................
Planning Irf Topology And Connections25................................................................................................................................................................
Identifying Physical Irf Ports On The Member Switches26................................................................................................................................................................
Configuring Basic Irf Settings27................................................................................................................................................................
Maintenance And Troubleshooting28................................................................................................................................................................
Configuration Terminal Problems29................................................................................................................................................................
Appendix A Chassis Views And Technical Specifications30................................................................................................................................................................
G Poe+ (65w) Si31................................................................................................................................................................
G Poe+ (180w) Si32................................................................................................................................................................
G Poe+ (370w) Si33................................................................................................................................................................
Technical Specifications34................................................................................................................................................................
Ac Input Voltage Specifications35................................................................................................................................................................
Appendix B Frus And Compatibility Matrixes37................................................................................................................................................................
Appendix C Ports And Leds39................................................................................................................................................................
Power Led40................................................................................................................................................................
Base-t Ethernet Port Led41................................................................................................................................................................
Base-x Sfp Port Led42................................................................................................................................................................
Document Conventions And Icons43................................................................................................................................................................
Network Topology Icons44................................................................................................................................................................
Support And Other Resources45................................................................................................................................................................
Websites46................................................................................................................................................................
Index47................................................................................................................................................................
Advertisement
HP 5120 SI Series Specification (33 pages)
HP 5120 SI Switch Series
Advertisement
