Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • HP Commware 5.1

    Încărcat de

    Anonymous cu1WVM0gg
    32 vizualizări4 pagini
    hp commware 5.1

    Titlu original

    hp commware 5.1

    Drepturi de autor

    © © All Rights Reserved

    Formate disponibile

    PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document
    hp commware 5.1

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    32 vizualizări4 pagini

    HP Commware 5.1

    Încărcat de

    Anonymous cu1WVM0gg
    hp commware 5.1

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 4

    [Comware5]domain lab

    [Comware5-isp-
    lab]authentication default
    radius-scheme radius-auth

    [Comware5-isp-
    lab]authorization default
    radius-scheme radius-auth

    [Comware5-isp-lab]accounting
    default radius-scheme radius-
    auth
    [Comware5]domain default
    enable lab
    [Comware5]user-interface aux
    0
    [Comware5-ui-
    aux0]authentication-mode
    scheme
    [Comware5]user-interface vty Cisco(config)#line vty 0 15
    0 15
    [Comware5-ui-vty0- Cisco(config-line)#login
    15]authentication-mode scheme authentication default

    [Comware5-ui-vty0-15]user
    privilege level 3

    ProVision# show radius [Comware5]display radius Cisco#show aaa servers


    scheme
    Cisco#show radius server-
    group radius
    ProVision# show
    authentication
    ProVision# show radius
    authentication
    ProVision# show radius host [Comware5]display radius Cisco#show radius statistics
    10.0.100.111 statistics

    [Comware7]radius scheme
    radius-auth
    [Comware7-radius-radius-
    auth]primary authentication
    10.0.100.111 key simple
    password

    [Comware7-radius-radius-
    auth]primary accounting
    10.0.100.111 key simple
    password

    [Comware7-radius-radius-
    auth]user-name-format
    without-domain

    [Comware7]domain lab

    [Comware7-isp-
    lab]authentication default
    radius-scheme radius-auth

    [Comware7-isp-
    lab]authorization default
    radius-scheme radius-auth

    [Comware7-isp-lab]accounting
    default radius-scheme radius-
    auth
    [Comware7]domain default
    enable lab
    [Comware7]user-interface aux
    0
    [Comware7-line-
    aux0]authentication-mode
    scheme
    [Comware7]user-interface vty
    0 63
    [Comware7-ui-vty0-
    63]authentication-mode scheme

    [Comware7-line-vty0-63]user-
    role network-admin

    [Comware7]display radius
    scheme
    [Comware7]display radius
    statistics

    ProVision(config)# radius-server ?
    dead-time Server unavailability time (default is 0, use the 'no' form of
    command to set the dead-time to 0).
    dyn-autz-port UDP port number to listen for Change-of-Authorization and
    Disconnect messages (default is 3799).
    host IPv4/IPv6 address of the RADIUS server to use.
    key Global encryption key (default is NULL). If in enhanced
    secure-mode, you will be prompted for the key.
    retransmit Number of packet retransmits (default is 3).
    timeout Server timeout interval (default is 5).

    ProVision(config)# radius-server host


    IPV6-ADDR IPv6 address of the RADIUS server to use.
    IP-ADDR IPv4 address of the RADIUS server to use.

    ProVision(config)# radius-server host 10.0.100.111


    acct-port Accounting UDP destination port number(1-65535).
    auth-port Authentication UDP destination port number (default is 1812).
    dyn-authorization Enable/disable dynamic authorization control from this host.
    key Encryption key to use with the RADIUS server (default is NULL). If
    in enhanced secure-mode, you will be prompted for the key.
    oobm Use OOBM interface to connect to server
    time-window time window (in seconds) within which the received dynamic
    authorization requests are considered to be current and accepted
    for processing.
    <cr>

    ProVision(config)# radius-server host 10.0.100.111 key ?


    KEY Encryption key to use with the RADIUS server (default is NULL).
    oobm Use OOBM interface to connect to server

    ProVision(config)# radius-server host 10.0.100.111 key password ?


    acct-port Accounting UDP destination port number(1-65535).
    auth-port Authentication UDP destination port number (default is 1812).
    oobm Use OOBM interface to connect to server
    <cr>

    ProVision(config)# radius-server host 10.0.100.111 key password

    ProVision(config)# aaa
    accounting Configure accounting parameters on the switch.
    authentication Configure authentication parameters on the switch.
    authorization Configure authorization parameters on the switch.
    port-access Configure 802.1X (Port Based Network Access), MAC address based
    network access, or web authentication based network access on the
    device.
    server-group Place the RADIUS server into the RADIUS server group.

    ProVision(config)# aaa authentication ?


    allow-vlan Configure authenticator ports to apply VLAN changes immediately.
    console Configure authentication mechanism used to control access to the
    switch console.
    disable-username Bypass the username during authentication while accessing the
    switch to get Manager or Operator access.
    local-user Create or remove a local user account.
    lockout-delay The number of seconds after repeated login failures before a user
    may again attempt login.
    login Specify that switch respects the authentication server's privilege
    level.
    mac-based Configure authentication mechanism used to control mac-based port
    access to the switch.
    num-attempts The number of login attempts allowed.
    port-access Configure authentication mechanism used to control access to the
    network.
    ssh Configure authentication mechanism used to control SSH access to
    the switch.
    telnet Configure authentication mechanism used to control telnet access
    to the switch.
    web Configure authentication mechanism used to control web access to
    the switch.
    web-based Configure authentication mechanism used to control web-based port
    access to the switch.

    ProVision(config)# aaa authentication console ?


    enable Configure access to the privileged mode commands.
    login Configure login access to the switch.

    ProVision(config)# aaa authentication console login ?


    local Use local switch user/password database.
    tacacs Use TACACS+ server.
    radius Use RADIUS server.
    peap-mschapv2 Use RADIUS server with PEAP-MSChapv2.

    ProVision(config)# aaa authentication console login radius ?


    local Use local switch user/password database.
    none Do not use backup authentication methods.
    authorized Allow access without authentication.
    server-group Specify the server group to use.
    <cr>
    ProVision(config)# aaa authentication console login radius local ?
    <cr>

    ProVision(config)# aaa authentication console login radius local

    ProVision(config)# aaa authentication console enable radius local

    ProVision(config)# aaa authentication telnet login radius none

    ProVision(config)# aaa authentication telnet enable radius none

    ProVision(config)# aaa authentication ssh login radius none

    ProVision(config)# aaa authentication ssh enable radius none

    ProVision(config)# aaa authentication web login radius none

    ProVision(config)# aaa authentication web enable radius none

    ProVision# show radius

    Status and Counters - General RADIUS Information

    Deadtime (minutes) : 0
    Timeout (seconds) : 5
    Retransmit Attempts : 3
    Global Encryption Key :
    Dynamic Authorization UDP Port : 3799
    Source IP Selection : 10.0.111.21

    Auth Acct DM/ Time |


    Server IP Addr Port Port CoA Window | Encryption Key OOBM
    --------------- ---- ---- --- ------ + -------------------------------- ----
    10.0.100.111 1812 1813 No 300 | password No

    ProVision# show authentication

    Status and Counters - Authentication Information

    Login Attempts : 3
    Lockout Delay : 0
    Respect Privilege : Disabled
    Bypass Username For Operator and Manager Access : Disabled

    | Login Login Login


    Access Task | Primary Server Group Secondary
    -------------- + ---------- ------------ ----------
    Console | Radius radius Local
    Telnet | Radius radius None
    Port-Access | Local None
    Webui | Radius radius None
    SSH | Radius radius None
    Web-Auth | ChapRadius radius None
    MAC-Auth | ChapRadius radius None
    SNMP | Local None
    Local-MAC-Auth | Local radius None
    | Local None

    S-ar putea să vă placă și