HP FlexFabric 5700 series Manuals

Manuals and User Guides for HP FlexFabric 5700 series. We have 3 HP FlexFabric 5700 series manuals available for free PDF download: Security Configuration Manual, Configuration Manual

HP FlexFabric 5700 series Security Configuration Manual

HP FlexFabric 5700 series Security Configuration Manual (460 pages)

Brand: HP | Category: Switch | Size: 4.69 MB
Table of contents
Configuration Guide1................................................................................................................................................................
Table Of Contents3................................................................................................................................................................
Configuring Aaa13................................................................................................................................................................
Radius14................................................................................................................................................................
Hwtacacs19................................................................................................................................................................
Ldap21................................................................................................................................................................
Aaa Implementation On The Device23................................................................................................................................................................
Protocols And Standards25................................................................................................................................................................
Fips Compliance28................................................................................................................................................................
Configuring Aaa Schemes30................................................................................................................................................................
Configuring User Group Attributes33................................................................................................................................................................
Configuring Radius Schemes34................................................................................................................................................................
Configuring Hwtacacs Schemes44................................................................................................................................................................
Configuring Ldap Schemes50................................................................................................................................................................
Configuring Aaa Methods For Isp Domains53................................................................................................................................................................
Configuration Prerequisites54................................................................................................................................................................
Configuring Authentication Methods For An Isp Domain55................................................................................................................................................................
Configuring Authorization Methods For An Isp Domain56................................................................................................................................................................
Configuring Accounting Methods For An Isp Domain57................................................................................................................................................................
Enabling The Session-control Feature58................................................................................................................................................................
Setting The Maximum Number Of Concurrent Login Users59................................................................................................................................................................
Displaying And Maintaining Aaa60................................................................................................................................................................
Local Authentication, Hwtacacs Authorization, And Radius Accounting For Ssh Users61................................................................................................................................................................
Authentication And Authorization For Ssh Users By A Radius Server63................................................................................................................................................................
Authentication For Ssh Users By An Ldap Server66................................................................................................................................................................
Troubleshooting Radius71................................................................................................................................................................
Radius Accounting Error72................................................................................................................................................................
X Overview74................................................................................................................................................................
X-related Protocols75................................................................................................................................................................
Eap Over Radius76................................................................................................................................................................
X Authentication Initiation77................................................................................................................................................................
X Authentication Procedures78................................................................................................................................................................
Comparing Eap Relay And Eap Termination79................................................................................................................................................................
Eap Termination81................................................................................................................................................................
Configuring 802.1x83................................................................................................................................................................
Guest Vlan85................................................................................................................................................................
Auth-fail Vlan86................................................................................................................................................................
Critical Vlan88................................................................................................................................................................
Using 802.1x Authentication With Other Features89................................................................................................................................................................
User Profile Assignment90................................................................................................................................................................
Enabling Eap Relay Or Eap Termination92................................................................................................................................................................
Setting The Port Authorization State93................................................................................................................................................................
Setting The Maximum Number Of Authentication Request Attempts94................................................................................................................................................................
Configuring The Online User Handshake Feature95................................................................................................................................................................
Configuration Guidelines96................................................................................................................................................................
Configuring The Quiet Timer97................................................................................................................................................................
Configuring An 802.1x Guest Vlan98................................................................................................................................................................
Configuration Procedure99................................................................................................................................................................
Specifying Supported Domain Name Delimiters101................................................................................................................................................................
Displaying And Maintaining 802.1x102................................................................................................................................................................
X Guest Vlan And Authorization Vlan Configuration Example105................................................................................................................................................................
X With Acl Assignment Configuration Example107................................................................................................................................................................
X With Ead Assistant Configuration Example109................................................................................................................................................................
Troubleshooting 802.1x Ead Assistant For Web Browser Users112................................................................................................................................................................
Configuring Mac Authentication113................................................................................................................................................................
Vlan Assignment114................................................................................................................................................................
Acl Assignment116................................................................................................................................................................
Configuration Task List117................................................................................................................................................................
Specifying A Mac Authentication Domain118................................................................................................................................................................
Setting Mac Authentication Timers119................................................................................................................................................................
Enabling Mac Authentication Multi-vlan Mode On A Port120................................................................................................................................................................
Configuring A Mac Authentication Guest Vlan121................................................................................................................................................................
Configuring The Keep-online Feature122................................................................................................................................................................
Displaying And Maintaining Mac Authentication123................................................................................................................................................................
Radius-based Mac Authentication Configuration Example125................................................................................................................................................................
Acl Assignment Configuration Example127................................................................................................................................................................
Configuring Portal Authentication130................................................................................................................................................................
Interaction Between Portal System Components132................................................................................................................................................................
Portal Authentication Process133................................................................................................................................................................
Portal Configuration Task List135................................................................................................................................................................
Configuring A Portal Authentication Server136................................................................................................................................................................
Configuring A Portal Web Server137................................................................................................................................................................
Configuring An Authentication Source Subnet139................................................................................................................................................................
Configuring An Authentication Destination Subnet140................................................................................................................................................................
Setting The Maximum Number Of Portal Users141................................................................................................................................................................
Configuring Portal Detection Features142................................................................................................................................................................
Configuring Portal Authentication Server Detection143................................................................................................................................................................
Configuring Portal Web Server Detection144................................................................................................................................................................
Configuring Portal User Synchronization145................................................................................................................................................................
Configuring The Portal Fail-permit Feature146................................................................................................................................................................
Applying A Nas-id Profile To An Interface147................................................................................................................................................................
Enabling Portal Roaming148................................................................................................................................................................
Portal Configuration Examples149................................................................................................................................................................
Configuring Re-dhcp Portal Authentication157................................................................................................................................................................
Configuring Cross-subnet Portal Authentication161................................................................................................................................................................
Configuring Extended Direct Portal Authentication164................................................................................................................................................................
Configuring Extended Re-dhcp Portal Authentication167................................................................................................................................................................
Configuring Extended Cross-subnet Portal Authentication171................................................................................................................................................................
Configuring Portal Server Detection And Portal User Synchronization174................................................................................................................................................................
Troubleshooting Portal182................................................................................................................................................................
Cannot Log Out Portal Users On The Radius Server183................................................................................................................................................................
Re-dhcp Portal Authenticated Users Cannot Log In Successfully184................................................................................................................................................................
Configuring Port Security185................................................................................................................................................................
Enabling Port Security189................................................................................................................................................................
Setting The Port Security Mode190................................................................................................................................................................
Configuring Port Security Features191................................................................................................................................................................
Configuring Secure Mac Addresses192................................................................................................................................................................
Ignoring Authorization Information From The Server194................................................................................................................................................................
Applying Nas-id Profile To Port Security195................................................................................................................................................................
Enabling The Authorization-fail-offline Feature196................................................................................................................................................................
Userloginwithoui Configuration Example198................................................................................................................................................................
Configure Aaa199................................................................................................................................................................
Macaddresselseuserloginsecure Configuration Example201................................................................................................................................................................
Troubleshooting Port Security205................................................................................................................................................................
Configuring Password Control206................................................................................................................................................................
Password Updating And Expiration207................................................................................................................................................................
User Login Control208................................................................................................................................................................
Password Not Displayed In Any Form209................................................................................................................................................................
Enabling Password Control210................................................................................................................................................................
Setting User Group Password Control Parameters211................................................................................................................................................................
Setting Local User Password Control Parameters212................................................................................................................................................................
Setting Super Password Control Parameters213................................................................................................................................................................
Displaying And Maintaining Password Control214................................................................................................................................................................
Verifying The Configuration216................................................................................................................................................................
Managing Public Keys218................................................................................................................................................................
Creating A Local Key Pair219................................................................................................................................................................
Distributing A Local Host Public Key220................................................................................................................................................................
Displaying A Host Public Key221................................................................................................................................................................
Configuring A Peer Host Public Key222................................................................................................................................................................
Displaying And Maintaining Public Keys223................................................................................................................................................................
Example For Importing A Public Key From A Public Key File225................................................................................................................................................................
Configuring Pki228................................................................................................................................................................
Pki Architecture229................................................................................................................................................................
Pki Operation230................................................................................................................................................................
Configuring A Pki Entity231................................................................................................................................................................
Configuring A Pki Domain232................................................................................................................................................................
Requesting A Certificate234................................................................................................................................................................
Configuring Automatic Certificate Request235................................................................................................................................................................
Aborting A Certificate Request236................................................................................................................................................................
Verifying Certificates With Crl Checking238................................................................................................................................................................
Specifying The Storage Path For The Certificates And Crls239................................................................................................................................................................
Removing A Certificate240................................................................................................................................................................
Displaying And Maintaining Pki241................................................................................................................................................................
Pki Configuration Examples242................................................................................................................................................................
Requesting A Certificate From A Windows Server 2003 Ca Server245................................................................................................................................................................
Requesting A Certificate From An Openca Server248................................................................................................................................................................
Certificate Import And Export Configuration Example252................................................................................................................................................................
Troubleshooting Pki Configuration257................................................................................................................................................................
Failed To Request Local Certificates258................................................................................................................................................................
Failed To Obtain Crls259................................................................................................................................................................
Failed To Import The Ca Certificate260................................................................................................................................................................
Failed To Export Certificates261................................................................................................................................................................
Configuring Ipsec262................................................................................................................................................................
Security Protocols And Encapsulation Modes263................................................................................................................................................................
Security Association264................................................................................................................................................................
Authentication And Encryption265................................................................................................................................................................
Implementing Acl-based Ipsec267................................................................................................................................................................
Configuring An Acl268................................................................................................................................................................
Configuring An Ipsec Transform Set269................................................................................................................................................................
Configuring A Manual Ipsec Policy270................................................................................................................................................................
Configuring An Ike-based Ipsec Policy272................................................................................................................................................................
Applying An Ipsec Policy To An Interface276................................................................................................................................................................
Configuring The Ipsec Anti-replay Function277................................................................................................................................................................
Configuring Ipsec Anti-replay Redundancy278................................................................................................................................................................
Enabling Qos Pre-classify279................................................................................................................................................................
Enabling Logging Of Ipsec Packets280................................................................................................................................................................
Configuring Ipsec For Ipv6 Routing Protocols281................................................................................................................................................................
Configuring Snmp Notifications For Ipsec282................................................................................................................................................................
Displaying And Maintaining Ipsec283................................................................................................................................................................
Ipsec Configuration Examples284................................................................................................................................................................
Configuring An Ike-based Ipsec Tunnel For Ipv4 Packets286................................................................................................................................................................
Configuring Ipsec For Ripng289................................................................................................................................................................
Configuring Ike293................................................................................................................................................................
Ike Security Mechanism294................................................................................................................................................................
Configuring An Ike Profile296................................................................................................................................................................
Configuring An Ike Proposal298................................................................................................................................................................
Configuring An Ike Keychain299................................................................................................................................................................
Configuring The Global Identity Information300................................................................................................................................................................
Configuring The Ike Keepalive Function301................................................................................................................................................................
Configuring Ike Dpd302................................................................................................................................................................
Enabling Invalid Spi Recovery303................................................................................................................................................................
Displaying And Maintaining Ike304................................................................................................................................................................
Ike Negotiation Failed Because No Ike Proposals Or Ike Keychains Are Referenced Correctly308................................................................................................................................................................
Ipsec Sa Negotiation Failed Due To Invalid Identity Information309................................................................................................................................................................
Configuring Ssh312................................................................................................................................................................
Ssh Authentication Methods313................................................................................................................................................................
Configuring The Device As An Ssh Server315................................................................................................................................................................
Enabling The Stelnet Server316................................................................................................................................................................
Enabling The Scp Server317................................................................................................................................................................
Configuring A Client's Host Public Key318................................................................................................................................................................
Configuring An Ssh User319................................................................................................................................................................
Configuring The Ssh Management Parameters320................................................................................................................................................................
Configuring The Device As An Stelnet Client322................................................................................................................................................................
Configuring The Device As An Sftp Client324................................................................................................................................................................
Working With Sftp Directories326................................................................................................................................................................
Terminating The Connection With The Sftp Server327................................................................................................................................................................
Displaying And Maintaining Ssh329................................................................................................................................................................
Publickey Authentication Enabled Stelnet Server Configuration Example332................................................................................................................................................................
Password Authentication Enabled Stelnet Client Configuration Example337................................................................................................................................................................
Publickey Authentication Enabled Stelnet Client Configuration Example341................................................................................................................................................................
Sftp Configuration Examples343................................................................................................................................................................
Publickey Authentication Enabled Sftp Client Configuration Example346................................................................................................................................................................
Ssh Connection347................................................................................................................................................................
Scp File Transfer With Password Authentication349................................................................................................................................................................
Netconf Over Ssh Configuration Example With Password Authentication351................................................................................................................................................................
Configuring Ssl354................................................................................................................................................................
Configuring An Ssl Client Policy356................................................................................................................................................................
Displaying And Maintaining Ssl357................................................................................................................................................................
Configuring Ip Source Guard358................................................................................................................................................................
Static Ipsg Bindings359................................................................................................................................................................
Ipsg Configuration Task List360................................................................................................................................................................
Configuring A Static Ipv4sg Binding361................................................................................................................................................................
Configuring A Static Ipv6sg Binding362................................................................................................................................................................
Ipsg Configuration Examples363................................................................................................................................................................
Dynamic Ipv4sg Using Dhcp Snooping Configuration Example364................................................................................................................................................................
Dynamic Ipv4sg Using Dhcp Relay Configuration Example365................................................................................................................................................................
Static Ipv6sg Configuration Example366................................................................................................................................................................
Dynamic Ipv6sg Using Dhcpv6 Snooping Configuration Example367................................................................................................................................................................
Configuring Arp Attack Protection369................................................................................................................................................................
Configuring Arp Source Suppression370................................................................................................................................................................
Configuration Example371................................................................................................................................................................
Configuring Arp Packet Rate Limit372................................................................................................................................................................
Configuring Source Mac-based Arp Attack Detection373................................................................................................................................................................
Configuring Arp Packet Source Mac Consistency Check375................................................................................................................................................................
Configuring Authorized Arp376................................................................................................................................................................
Configuring Arp Packet Validity Check377................................................................................................................................................................
Configuring Arp Restricted Forwarding378................................................................................................................................................................
User Validity Check And Arp Packet Validity Check Configuration Example379................................................................................................................................................................
Arp Restricted Forwarding Configuration Example380................................................................................................................................................................
Configuring Arp Scanning And Fixed Arp382................................................................................................................................................................
Configuring Mff387................................................................................................................................................................
Basic Concepts388................................................................................................................................................................
Mff Working Mechanism389................................................................................................................................................................
Enabling Periodic Gateway Probe390................................................................................................................................................................
Displaying And Maintaining Mff391................................................................................................................................................................
Manual-mode Mff Configuration Example In A Ring Network392................................................................................................................................................................
Configuring Crypto Engines395................................................................................................................................................................
Configuring Fips396................................................................................................................................................................
Configuring Fips Mode397................................................................................................................................................................
Configuration Changes In Fips Mode398................................................................................................................................................................
Exiting Fips Mode399................................................................................................................................................................
Fips Self-tests400................................................................................................................................................................
Conditional Self-tests401................................................................................................................................................................
Fips Configuration Examples402................................................................................................................................................................
Entering Fips Mode Through Manual Reboot403................................................................................................................................................................
Exiting Fips Mode Through Automatic Reboot404................................................................................................................................................................
Exiting Fips Mode Through Manual Reboot405................................................................................................................................................................
Configuring User Profiles407................................................................................................................................................................
Configuring Parameters For A User Profile408................................................................................................................................................................
Configuring Attack Detection And Prevention413................................................................................................................................................................
Configuring Nd Attack Defense414................................................................................................................................................................
Support And Other Resources415................................................................................................................................................................
Conventions416................................................................................................................................................................
Index418................................................................................................................................................................

Advertisement

HP FlexFabric 5700 series Configuration Manual

HP FlexFabric 5700 series Configuration Manual (132 pages)

Brand: HP | Category: Switch | Size: 1.5 MB
Table of contents
Configuration Guide1................................................................................................................................................................
Table Of Contents3................................................................................................................................................................
Configuring Acls7................................................................................................................................................................
Acl Categories7................................................................................................................................................................
Match Order8................................................................................................................................................................
Rule Numbering9................................................................................................................................................................
Configuration Task List10................................................................................................................................................................
Configuring An Ipv6 Basic Acl11................................................................................................................................................................
Configuring An Ipv4 Advanced Acl12................................................................................................................................................................
Configuring An Ipv6 Advanced Acl13................................................................................................................................................................
Configuring An Ethernet Frame Header Acl14................................................................................................................................................................
Configuring A User-defined Acl15................................................................................................................................................................
Copying An Acl16................................................................................................................................................................
Filtering Logs17................................................................................................................................................................
Acl Configuration Example18................................................................................................................................................................
Configuration Procedure19................................................................................................................................................................
Qos Overview21................................................................................................................................................................
Qos Techniques Overview22................................................................................................................................................................
Configuring A Qos Policy24................................................................................................................................................................
Configuration Guidelines25................................................................................................................................................................
Defining A Traffic Behavior26................................................................................................................................................................
Applying The Qos Policy27................................................................................................................................................................
Applying The Qos Policy To An Interface28................................................................................................................................................................
Applying The Qos Policy To A Vlan28................................................................................................................................................................
Applying The Qos Policy Globally29................................................................................................................................................................
Displaying And Maintaining Qos Policies30................................................................................................................................................................
Configuring Priority Mapping32................................................................................................................................................................
Priority Trust Mode On A Port33................................................................................................................................................................
Priority Mapping Process34................................................................................................................................................................
Priority Mapping Configuration Tasks35................................................................................................................................................................
Configuring A Priority Map36................................................................................................................................................................
Displaying And Maintaining Priority Mapping37................................................................................................................................................................
Traffic Evaluation And Token Buckets42................................................................................................................................................................
Traffic Policing43................................................................................................................................................................
Rate Limit45................................................................................................................................................................
Configuring Traffic Policing46................................................................................................................................................................
Configuring Gts47................................................................................................................................................................
Configuring The Rate Limit48................................................................................................................................................................
Configuration Procedures49................................................................................................................................................................
Configuring Congestion Management52................................................................................................................................................................
Wrr Queuing53................................................................................................................................................................
Wfq Queuing55................................................................................................................................................................
Configuring Queuing56................................................................................................................................................................
Configuring Sp Queuing56................................................................................................................................................................
Configuring Wfq Queuing57................................................................................................................................................................
Configuring Sp+wrr Queuing58................................................................................................................................................................
Configuring Sp+wfq Queuing59................................................................................................................................................................
Displaying And Maintaining Queuing61................................................................................................................................................................
Configuring A Queue Scheduling Profile62................................................................................................................................................................
Queue Scheduling Profile Configuration Example63................................................................................................................................................................
Configuring Congestion Avoidance64................................................................................................................................................................
Tail Drop64................................................................................................................................................................
Configuring And Applying A Wred Table65................................................................................................................................................................
Displaying And Maintaining Wred67................................................................................................................................................................
Configuring Traffic Filtering68................................................................................................................................................................
Configuration Example69................................................................................................................................................................
Configuring Priority Marking70................................................................................................................................................................
Configuring Color-based Priority Marking71................................................................................................................................................................
Priority Marking Configuration Examples72................................................................................................................................................................
Local Qos Id Marking Configuration Example74................................................................................................................................................................
Configuration Considerations75................................................................................................................................................................
Configuring Nesting78................................................................................................................................................................
Configuring Traffic Redirecting81................................................................................................................................................................
Configuring Aggregate Car85................................................................................................................................................................
Configuring Class-based Accounting88................................................................................................................................................................
Appendixes91................................................................................................................................................................
Ip Precedence And Dscp Values92................................................................................................................................................................
P Priority93................................................................................................................................................................
Configuring Time Ranges95................................................................................................................................................................
Configuring Data Buffers97................................................................................................................................................................
Enabling The Burst Function98................................................................................................................................................................
Configuring The Total Shared-area Ratio99................................................................................................................................................................
Setting The Fixed-area Ratio For A Queue100................................................................................................................................................................
Basic Concepts101................................................................................................................................................................
Cnm Format102................................................................................................................................................................
How Qcn Works103................................................................................................................................................................
Qcn Algorithm104................................................................................................................................................................
Protocols And Standards105................................................................................................................................................................
Configuration Prerequisites106................................................................................................................................................................
Configuring Global Cnd Settings107................................................................................................................................................................
Configuring Congestion Detection Parameters108................................................................................................................................................................
Multicnd Qcn Configuration Example111................................................................................................................................................................
Support And Other Resources117................................................................................................................................................................
Subscription Service117................................................................................................................................................................
Related Information117................................................................................................................................................................
Command Conventions118................................................................................................................................................................
Index120................................................................................................................................................................
HP FlexFabric 5700 series Configuration Manual

HP FlexFabric 5700 series Configuration Manual (63 pages)

Brand: HP | Category: Switch | Size: 0.9 MB
Table of contents
Configuration Guide1................................................................................................................................................................
Table Of Contents3................................................................................................................................................................
Setting Up An Irf Fabric5................................................................................................................................................................
Network Topology6................................................................................................................................................................
Irf Domain Id7................................................................................................................................................................
Irf Merge8................................................................................................................................................................
File System Naming Conventions9................................................................................................................................................................
Configuration Synchronization10................................................................................................................................................................
Multi-active Handling Procedure11................................................................................................................................................................
Mad Mechanisms12................................................................................................................................................................
Hardware Compatibility15................................................................................................................................................................
Software Requirements16................................................................................................................................................................
Connecting Irf Ports17................................................................................................................................................................
Configuration Backup18................................................................................................................................................................
Planning The Irf Fabric Setup19................................................................................................................................................................
Specifying A Priority For Each Member Device20................................................................................................................................................................
Binding Physical Interfaces To Irf Ports21................................................................................................................................................................
Accessing The Irf Fabric23................................................................................................................................................................
Configuring The Global Load Sharing Mode24................................................................................................................................................................
Enabling Software Auto-update For Software Image Synchronization26................................................................................................................................................................
Setting The Irf Link Down Report Delay27................................................................................................................................................................
Configuring Lacp Mad28................................................................................................................................................................
Configuring Nd Mad30................................................................................................................................................................
Excluding A Port From The Shutdown Action Upon Detection Of Multi-active Collision31................................................................................................................................................................
Displaying And Maintaining An Irf Fabric33................................................................................................................................................................
Arp Mad-enabled Irf Configuration Example38................................................................................................................................................................
Nd Mad-enabled Irf Configuration Example42................................................................................................................................................................
Setting Up An Eirf System48................................................................................................................................................................
Basic Concepts50................................................................................................................................................................
Eirf Operating Mechanisms51................................................................................................................................................................
Configuration Restrictions And Guidelines53................................................................................................................................................................
Configuring The Device As A Pex54................................................................................................................................................................
Support And Other Resources55................................................................................................................................................................
Conventions56................................................................................................................................................................
Index58................................................................................................................................................................

Advertisement

Share and save

Advertisement