Brocade Communications Systems 6650 Switch User Manual


 
Brocade ICX 6650 Security Configuration Guide 309
53-1002601-01
55
configuring an interface as the source for all packets
,
56
configuring command authorization
, 54
configuring enable authentication
, 53
displaying configuration information
, 56
entering privileged EXEC mode
, 53
identifying the server to the Brocade device
, 47
servers per port
, 48
setting authentication-method lists
, 51
setting over IPv6
, 51
setting the key
, 50
setting the retransmission limit
, 50
setting the timeout parameter
, 51
specifying different servers for individual AAA
functions
, 48
RADIUS authorization
, 53
RADIUS parameters
, 50
RADIUS security
, 41
RADIUS server
generic attributes
, 216
rate shaping
configuring outbound for a port
, 276
configuring outbound for a specific priority
, 277
displaying configurations
, 277
remote access restrictions
, 6
restrict mode access
using ACL
, 3
restricting
HTTP and HTTPS connection
, 8
SNMP access to a specific VLAN
, 10
snmp-server enable vlan
, 10
SSH connection
, 7
Telnet access to a specific VLAN
, 10
Telnet connection
, 7
TFTP access to a specific vlan
, 10
restricting access to device based on IP or MAC address
, 7
route map
configuring
, 122
RSA authentication
configuring challenge-response authentication
, 67
enabling challenge-response
, 69
exporting client public keys
, 79
generating a client key pair
, 79
generating and deleting a key pair
, 66
importing public keys into Brocade device
, 68
providing the public key to clients
, 67
S
secure access
passwords
, 13
secure copy (SCP)
configuration notes
, 75
enabling and disabling
, 75
example file transfers
, 75
importing a digital certificate
, 77
importing a DSA or RSA public key
, 77
importing an RSA private key
, 77
with SSH2
, 75
secure management access to Brocade devices
, 1
secure shell (SSH)
overview
, 63
secure shell (SSH2)
authentication types
, 65
clients
, 64
configuration
, 65
enabling and disabling with host keys
, 65
optional parameters
, 69
supported features
, 64
unsupported features
, 64
security
AAA for RADIUS commands
, 44
AAA operations for RADIUS
, 43
allowing SNMP access to Brocade device
, 12
allowing SSHv2 access to Brocade device
, 11
authentication method values
, 34
device management
, 11
edge port
, 60
edge ports
, 59
RADIUS
, 41
TACACS and TACACS+
, 24
TACACS authentication
, 27
TACACS+ accounting
, 28
TACACS+ authorization
, 28
TCP flags
, 59, 60
sFlow
and 802.1x port security
, 162
show command
show aaa
, 40, 56
show access-list
, 103, 118
show access-list accounting traffic-policy
, 151
show access-list all
, 119
show arp
, 283
show authenticated-mac-address
, 247
show auth-mac-address
, 252
show dot1x
, 184
show dot1x mac-address-filter
, 189
show dot1x mac-session
, 193