268
configuring scheme, 20
configuring switch as server, 43
configuring user, 43
creating scheme, 21
differences from HWTACACS, 7
discussion, 2
displaying, 30
EAP over (802.1X), 65
enabling client listening port, 30
enabling trap function, 29
extended attributes, 6
maintaining, 30
messge exchange process, 2
packet format, 3
protocols, 11
security mechanism, 2
server authentication/authorization for SSH/Telnet
user, 47
server feature of switch, 10
setting maximum number of request transmission
attempts, 24
setting packet shared keys, 23
setting server status, 25
setting supported server type, 24
setting timer to control server communication, 27
setting traffic statistics units, 23
setting username format, 23
specifying accounting server and parameters, 22
specifying authentication/authorization server, 21
specifying client, 44
specifying source IP address for outgoing packets,
26
standards, 11
recording
host public key information, 140
registration authority (RA), 148
repository (PKI), 148
retrieving
certificate manually (PKI), 154
scheme
configuring (AAA), 16
scheme (HWTACACS), 31
scheme (RADIUS), 21
secure e-mail (PKI), 149
secure file transfer protocol.
See
SFTP
Secure Shell.
See
SSH
Secure Sockets Layer.
See
SSL
security
AAA configuration, 1
mechanism (RADIUS), 2
security mechanism (SSL), 200
server
AAA for 802.1X user (RADIUS), 50
configuring (SSH2.0), 177
configuring for HWTACACS server Telnet user
(AAA), 44
configuring for password authentication (SSH2.0),
177
configuring for publickey authentication (SSH2.0),
179
configuring for separate server Telnet user (AAA),
46
configuring IP address of security policy server
(RADIUS), 28
configuring switch as (SSH2.0), 170
enabling (SFTP), 190
enabling function (SSH2.0), 171
establishing client connection (SSH2.0), 176
establishing connection (SFTP), 191
ignoring authorization information (port security),
115
RADIUS, 10
RADIUS model, 2