Juniper Networks EX2500 Switch User Manual


 
Securing Access to the Switch 19
Chapter 1: Accessing the Switch
Considerations for Configuring End User Accounts
A maximum of 10 user IDs are supported on the switch.
The EX2500 switch supports end-user access through the console, Telnet, EX2500
Web Device Manager, and SSHv1 or SSHv2.
If RADIUS authentication is used, the user password on the RADIUS server
overrides the user password on the EX2500 switch. Also note that the password
change command on the switch modifies only the user's switch password and
has no effect on the user password on the RADIUS server. RADIUS
authentication and a user password cannot be used concurrently to access the
switch.
Passwords for end users can be up to 128 characters in length.
User Access Control
The end user access control commands allow you to configure end user accounts.
Setting Up User IDs
Up to 10 user IDs can be configured. Use the following commands to define
usernames and passwords:
ex2500(config)# access user 1 name <1-8 characters>
ex2500(config)# access user 1 password
Changing user1 password; validation required:
Enter current admin password: <current administrator password>
Enter new user1 password: <new user password>
Re-enter new user1 password: <new user password>
New user1 password accepted.
Defining a User’s Access Level
By default, the end user is assigned to the user access level (also known as class of
service, or COS). Every COS has global access to all resources, except the User COS,
which has access to view-only resources that the user owns. For
more information, see Table 4 on page 13.
To change the user’s level, select one of the following options:
ex2500(config)# access user 1 level { user | operator | administrator }
Enabling or Disabling a User
An end user account must be enabled before the switch recognizes and permits
login under the account. Once the account is enabled, the switch requires any user
to enter both a username and a password.
ex2500(config)# access user 1 enable
ex2500(config)# no access user 1 enable
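The following is an added example, not part of the Juniper manual or any Juniper tool: an offline check that replays a list of `access user` commands in the forms shown above and reports accounts that break the stated limits or deserve review before the change is applied. The function name `audit_user_commands`, the sample commands, and the assumption that user IDs run from 1 to 10 are illustrative.

```python
import re

# Limits stated in the manual section above; the 1-10 ID range is an assumption.
MAX_USERS, MAX_NAME_LEN = 10, 8
LEVELS = {"user", "operator", "administrator"}
CMD_RE = re.compile(r"^(no\s+)?access user (\d+) (name|password|level|enable)(?:\s+(\S+))?$")

def audit_user_commands(lines):
    """Replay 'access user' commands offline; return (accounts, findings)."""
    accounts, findings = {}, []
    for raw in lines:
        cmd = re.sub(r"^\S*#\s*", "", raw.strip())  # drop an optional CLI prompt
        m = CMD_RE.match(cmd)
        if not m:
            continue  # not an end-user account command
        negated, uid, key, arg = bool(m.group(1)), int(m.group(2)), m.group(3), m.group(4)
        if not 1 <= uid <= MAX_USERS:
            findings.append(f"user {uid}: ID outside 1-{MAX_USERS}")
            continue
        # New accounts start disabled, at the default 'user' level.
        acct = accounts.setdefault(
            uid, {"name": None, "level": "user", "password": False, "enabled": False})
        if key == "name":
            if arg and len(arg) <= MAX_NAME_LEN:
                acct["name"] = arg
            else:
                findings.append(f"user {uid}: name must be 1-{MAX_NAME_LEN} characters")
        elif key == "level":
            if arg in LEVELS:
                acct["level"] = arg
            else:
                findings.append(f"user {uid}: unknown level {arg!r}")
        elif key == "password":
            acct["password"] = True  # the password itself is entered interactively
        elif key == "enable":
            acct["enabled"] = not negated
    for uid, acct in sorted(accounts.items()):
        if acct["enabled"] and not acct["password"]:
            findings.append(f"user {uid}: enabled without a password command")
        if acct["enabled"] and acct["level"] == "administrator":
            findings.append(f"user {uid}: enabled at administrator level, confirm intent")
    return accounts, findings

# Constructed sample change script (not from the manual).
SAMPLE = [
    "ex2500(config)# access user 1 name jsmith", "access user 1 password",
    "access user 1 level operator", "access user 1 enable",
    "access user 2 name backupoperator", "access user 2 level administrator",
    "access user 2 enable", "access user 11 name extra",
]
```

Calling `audit_user_commands(SAMPLE)` returns the replayed account state together with four findings: the over-long name for user 2, the out-of-range ID 11, and user 2 being enabled with no password command and at administrator level.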