User Manual
Page 12
... Other Features Use Authentication? . . . . 178 Default Management Security Values 178 Controlling Management Access (Web 180 Access Profile 180 Authentication Profiles 184 Select Authentication 187 Password Management 188 Last Password Set Result 190 User Login Configuration 191 Local User Database... 192 Line Password 194 Enable Password 194 TACACS+ Settings 195 RADIUS Global Configuration 197 RADIUS ...
... Other Features Use Authentication? . . . . 178 Default Management Security Values 178 Controlling Management Access (Web 180 Access Profile 180 Authentication Profiles 184 Select Authentication 187 Password Management 188 Last Password Set Result 190 User Login Configuration 191 Local User Database... 192 Line Password 194 Enable Password 194 TACACS+ Settings 195 RADIUS Global Configuration 197 RADIUS ...
User Manual
Page 58
... all locally administered users. The switch also supports RADIUS Attribute 4, which is a measure of the effectiveness of a password in resisting guessing and brute-force attacks. The strength of a password is password protected, and there are no default users on page 169. You can support up to accept RADIUS-assigned VLANs. For information about configuring...
... all locally administered users. The switch also supports RADIUS Attribute 4, which is a measure of the effectiveness of a password in resisting guessing and brute-force attacks. The strength of a password is password protected, and there are no default users on page 169. You can support up to accept RADIUS-assigned VLANs. For information about configuring...
User Manual
Page 98
...information about assigning an IP address to a switch, see "Console Connection" on page 103. Passwords are both case sensitive and alpha-numeric. Figure 4-1. For information about creating a user and password, see "Local User Database" on page 192 (Web) or "Adding Users to the ...displays, enter a user name and password. Starting the Application To access the Dell OpenManage Switch Administrator and log on to configure the initial user name and password. Login Screen NOTE: The switch is not configured with a default user name or password. For information about connecting to the...
...information about assigning an IP address to a switch, see "Console Connection" on page 103. Passwords are both case sensitive and alpha-numeric. Figure 4-1. For information about creating a user and password, see "Local User Database" on page 192 (Web) or "Adding Users to the ...displays, enter a user name and password. Starting the Application To access the Dell OpenManage Switch Administrator and log on to configure the initial user name and password. Login Screen NOTE: The switch is not configured with a default user name or password. For information about connecting to the...
User Manual
Page 111
... many of -band (OOB) interface. Disabled on the PowerConnect 7000 Series switches. Table 6-1. Default Settings Feature IP address Subnet mask Default gateway DHCP client Management VLAN ID VLAN 1 Members SDM template Users Minimum password length IPv6 management mode SNTP client Global logging Switch auditing ...CLI command logging Web logging SNMP logging Console logging RAM logging Persistent (FLASH) logging Default None None None Enabled on out-of the software ...
... many of -band (OOB) interface. Disabled on the PowerConnect 7000 Series switches. Table 6-1. Default Settings Feature IP address Subnet mask Default gateway DHCP client Management VLAN ID VLAN 1 Members SDM template Users Minimum password length IPv6 management mode SNTP client Global logging Switch auditing ...CLI command logging Web logging SNMP logging Console logging RAM logging Persistent (FLASH) logging Default None None None Enabled on out-of the software ...
User Manual
Page 116
... Translates hostnames into the switch from a DHCP server on the network. PowerConnect 7000 Series switches are layer 2/3 managed switches. You must have been...browser or Telnet client, the switch must also configure a username and password to be able to log into IP addresses. Additionally, this chapter...administrative user with read/write access. Configuring the DNS information, default domain name, and host name mapping help the switch identify and... directly connected to a hostname. Identifies your network, such as dell.com. If you to statically map an IP address to the...
... Translates hostnames into the switch from a DHCP server on the network. PowerConnect 7000 Series switches are layer 2/3 managed switches. You must have been...browser or Telnet client, the switch must also configure a username and password to be able to log into IP addresses. Additionally, this chapter...administrative user with read/write access. Configuring the DNS information, default domain name, and host name mapping help the switch identify and... directly connected to a hostname. Identifies your network, such as dell.com. If you to statically map an IP address to the...
User Manual
Page 132
... switch configuration. console(config)#username admin password secret123 level 15 3 Configure the DNS servers, default domain name, and static host mapping. Basic Network Information Configuration Example In this example, an administrator at a Dell office in California decides not to use...dell.com The administrator also maps the administrative laptop host name to the management network. console#configure console(config)#interface out-of-band console(config-if)#ip address dhcp console(config-if)#exit 2 Configure the administrative user. The administrator configures a PowerConnect...
... switch configuration. console(config)#username admin password secret123 level 15 3 Configure the DNS servers, default domain name, and static host mapping. Basic Network Information Configuration Example In this example, an administrator at a Dell office in California decides not to use...dell.com The administrator also maps the administrative laptop host name to the management network. console#configure console(config)#interface out-of-band console(config-if)#ip address dhcp console(config-if)#exit 2 Configure the administrative user. The administrator configures a PowerConnect...
User Manual
Page 169
...Service (DoS) protection feature is also described in this chapter include: • Management Access Control Overview • Default Management Security Values • Controlling Management Access (Web) • Controlling Management Access (CLI) • Management Access Configuration ...access the switch management interface only after providing a valid username and password combination that matches the user account information stored in this chapter. Controlling Management Access 169 PowerConnect 7000 Series switches include several additional features to increase management security and...
...Service (DoS) protection feature is also described in this chapter include: • Management Access Control Overview • Default Management Security Values • Controlling Management Access (Web) • Controlling Management Access (CLI) • Management Access Configuration ...access the switch management interface only after providing a valid username and password combination that matches the user account information stored in this chapter. Controlling Management Access 169 PowerConnect 7000 Series switches include several additional features to increase management security and...
User Manual
Page 171
...to use to authenticate a user who attempts to enter Privileged EXEC mode (CLI only). Sends the user's ID and password to the configured TACACS+ server to be applied system wide with little administrative effort. What Are the Recommendations for management ...security include: • Require strong passwords • Disable factory-delivered default accounts • Enable password lockout • Configure user ACLs to protect administrative access to the network. Selecting the authentication policy...
...to use to authenticate a user who attempts to enter Privileged EXEC mode (CLI only). Sends the user's ID and password to the configured TACACS+ server to be applied system wide with little administrative effort. What Are the Recommendations for management ...security include: • Require strong passwords • Disable factory-delivered default accounts • Enable password lockout • Configure user ACLs to protect administrative access to the network. Selecting the authentication policy...
User Manual
Page 178
... about RADIUS-assigned VLANs, see "Configuring 802.1X and Port-Based Security" on page 445. Default Management Security Values By default, the only management access to provide port-based access control. Password aging, limiting the number consecutive passwords before reuse, and limiting the number of allowed consecutive login attempts are configured. Port-based access...
... about RADIUS-assigned VLANs, see "Configuring 802.1X and Port-Based Security" on page 445. Default Management Security Values By default, the only management access to provide port-based access control. Password aging, limiting the number consecutive passwords before reuse, and limiting the number of allowed consecutive login attempts are configured. Port-based access...
User Manual
Page 179
... User Database No users are defined Line and Enable passwords No passwords are defined. Controlling Management Access 179 HTTP HTTP access to the switch is enabled. RADIUS No RADIUS servers are allowed, and the default port is required. Management Security Default Values (Continued) Management Security Default Feature Authentication Profiles The following three Authentication Profiles are...
... User Database No users are defined Line and Enable passwords No passwords are defined. Controlling Management Access 179 HTTP HTTP access to the switch is enabled. RADIUS No RADIUS servers are allowed, and the default port is required. Management Security Default Values (Continued) Management Security Default Feature Authentication Profiles The following three Authentication Profiles are...
User Manual
Page 217
... and higher levels. Exit to the enable password (Range 8-64). Command configure passwords aging age passwords history historylength passwords min-length length passwords strength minimum uppercaseletters min passwords strength minimum lowercaseletters min Purpose Enter Global Configuration...password should contain. Enforce a minimum number of days (1-365) a password can exist before it is expired. Specify the number of lowercase letters that a password should contain. Command line {console|ssh |telnet} login authentication {default|list-name} enable authentication {default...
... and higher levels. Exit to the enable password (Range 8-64). Command configure passwords aging age passwords history historylength passwords min-length length passwords strength minimum uppercaseletters min passwords strength minimum lowercaseletters min Purpose Enter Global Configuration...password should contain. Enforce a minimum number of days (1-365) a password can exist before it is expired. Specify the number of lowercase letters that a password should contain. Command line {console|ssh |telnet} login authentication {default|list-name} enable authentication {default...
User Manual
Page 219
..., the type is Default-RADIUS-Server. source-ip source Specify the source IP address to be used for passwords. name servername Assign a name to Privileged EXEC mode. Verify the strength of server (accounting or authentication). The type of a password during configuration. The RADIUS...mode, use the IP address of the RADIUS server host (Range: 1-255 characters). Command passwords strength exclude-keyword word passwords strengthcheck exit show passwords configuration show passwords result Purpose Specify up to three keywords to exclude in -sensitive and reverse) as a request...
..., the type is Default-RADIUS-Server. source-ip source Specify the source IP address to be used for passwords. name servername Assign a name to Privileged EXEC mode. Verify the strength of server (accounting or authentication). The type of a password during configuration. The RADIUS...mode, use the IP address of the RADIUS server host (Range: 1-255 characters). Command passwords strength exclude-keyword word passwords strengthcheck exit show passwords configuration show passwords result Purpose Specify up to three keywords to exclude in -sensitive and reverse) as a request...
User Manual
Page 232
...; console#show users accounts UserName Privilege abc 1 admin 15 Password Aging ------------ Failed attempts to log on to the switch or rebooting or resetting the switch. consecutive login failures separated by default, does not have password lockout enabled through the networkList authentication method. The password lockout feature disables local access to the switch for a user...
...; console#show users accounts UserName Privilege abc 1 admin 15 Password Aging ------------ Failed attempts to log on to the switch or rebooting or resetting the switch. consecutive login failures separated by default, does not have password lockout enabled through the networkList authentication method. The password lockout feature disables local access to the switch for a user...
User Manual
Page 233
By default, Console (serial) access uses the defaultList authentication. console#configure console(config)#line console console(config-line)#login authentication networkList console#exit console>logout Controlling ...------Console Telnet SSH Login Method List defaultList networkList networkList Enable Method List enableList enableList enableList HTTPS HTTP DOT1X :local :local : 5 Configure the serial port for password lockout because it has been globally enabled, and Telnet and SSH use the networkList authentication method. Telnet and SSH are already configured for network (local...
By default, Console (serial) access uses the defaultList authentication. console#configure console(config)#line console console(config-line)#login authentication networkList console#exit console>logout Controlling ...------Console Telnet SSH Login Method List defaultList networkList networkList Enable Method List enableList enableList enableList HTTPS HTTP DOT1X :local :local : 5 Configure the serial port for password lockout because it has been globally enabled, and Telnet and SSH use the networkList authentication method. Telnet and SSH are already configured for network (local...
User Manual
Page 268
... alert, critical, and error (levels 1-3) will in a single email every 120 minutes. Warning, notice, info, and debug messages are the default values. For messages with the mail server. 268 Monitoring and Logging System Information console#configure console(config)#mail-server ip-address 192.168.2.34 2... Configure the username and password for the switch must use for sending messages. Configuring Email Alerting The commands in an email. The mail server does not require...
... alert, critical, and error (levels 1-3) will in a single email every 120 minutes. Warning, notice, info, and debug messages are the default values. For messages with the mail server. 268 Monitoring and Logging System Information console#configure console(config)#mail-server ip-address 192.168.2.34 2... Configure the username and password for the switch must use for sending messages. Configuring Email Alerting The commands in an email. The mail server does not require...
User Manual
Page 335
... MAC address. Configuring SNMP (CLI) This section provides information about these commands, see the PowerConnect 7000 Series CLI Reference Guide. For more information about the commands you use the default keyword to configure the Engine ID. • For a stack of the switch. This digest... SNMPv3 engine ID is deleted, or if the configuration file is converted to configure an engine ID for SNMP. The command line password is a concatenated hexadecimal string. Each byte can specify your administrative domain. Configuring the SNMPv3 Engine ID To use the following guidelines ...
... MAC address. Configuring SNMP (CLI) This section provides information about these commands, see the PowerConnect 7000 Series CLI Reference Guide. For more information about the commands you use the default keyword to configure the Engine ID. • For a stack of the switch. This digest... SNMPv3 engine ID is deleted, or if the configuration file is converted to configure an engine ID for SNMP. The command line password is a concatenated hexadecimal string. Each byte can specify your administrative domain. Configuring the SNMPv3 Engine ID To use the following guidelines ...
User Manual
Page 340
Community string that acts like a ip-address] password and permits access to Privileged EXEC mode. Management station IP address. Default is all IP addresses. exit Exit to the SNMP protocol. (Range: 1-20 characters) • group-name - Name of a previously defined group. Map the internal security ...
Community string that acts like a ip-address] password and permits access to Privileged EXEC mode. Management station IP address. Default is all IP addresses. exit Exit to the SNMP protocol. (Range: 1-20 characters) • group-name - Name of a previously defined group. Map the internal security ...
User Manual
Page 342
...number of the host to wait for this host - Indicates that SNMPv1 traps will be used • community-string - version 2 - Specifies a password-like community string sent with the notification operation. (Range: 1-20 characters) • port - A string that SNMPv2 traps will be used - Specifies... (targeted recipient) or the name of seconds to use. Indicates that is 162. (Range: 1-65535 characters.) • filtername - The default is the name of the filter that SNMPv2 informs are sent to receive addr [informs [timeout SNMP traps or informs. seconds] [retries retries...
...number of the host to wait for this host - Indicates that SNMPv1 traps will be used • community-string - version 2 - Specifies a password-like community string sent with the notification operation. (Range: 1-20 characters) • port - A string that SNMPv2 traps will be used - Specifies... (targeted recipient) or the name of seconds to use. Indicates that is 162. (Range: 1-65535 characters.) • filtername - The default is the name of the filter that SNMPv2 informs are sent to receive addr [informs [timeout SNMP traps or informs. seconds] [retries retries...
User Manual
Page 445
...accept the terms of use policy. To gain network access, the user must enter a username (for guest access) or a username and password (for example your company home page. Configuring a Captive Portal 445 What Does a Captive Portal Do? When the user connects to the ...Internet during their stay. Captive Portals are often used in this chapter include: • Captive Portal Overview • Default Captive Portal Behavior and Settings • Configuring the Captive Portal (Web) • Configuring a Captive Portal (CLI) • Captive Portal Configuration...
...accept the terms of use policy. To gain network access, the user must enter a username (for guest access) or a username and password (for example your company home page. Configuring a Captive Portal 445 What Does a Captive Portal Do? When the user connects to the ...Internet during their stay. Captive Portals are often used in this chapter include: • Captive Portal Overview • Default Captive Portal Behavior and Settings • Configuring the Captive Portal (Web) • Configuring a Captive Portal (CLI) • Captive Portal Configuration...
User Manual
Page 450
... networks). 450 Configuring a Captive Portal If you associate an interface with the default Captive Portal. After you enable Captive Portal, no interfaces are obtained for the Captive Portal feature. Default Captive Portal Welcome Screen The user types a name in the Username field, ... Connect to access the network because the default verification mode is presented with the Captive Portal Welcome screen shown in a database or enter a password to gain network access. Note that interface is Guest. Table 17-1. Default Captive Portal Values Feature Global Captive Portal ...
... networks). 450 Configuring a Captive Portal If you associate an interface with the default Captive Portal. After you enable Captive Portal, no interfaces are obtained for the Captive Portal feature. Default Captive Portal Welcome Screen The user types a name in the Username field, ... Connect to access the network because the default verification mode is presented with the Captive Portal Welcome screen shown in a database or enter a password to gain network access. Note that interface is Guest. Table 17-1. Default Captive Portal Values Feature Global Captive Portal ...