77
Enhancements
Release L.11.08 Enhancements
To remove a specific entry in the ARP cache, enter this command:
Using SNMP to Configure Local Usernames and Passwords
Beginning with software release H.10.32, SNMP MIB object access is available for switch authenti-
cation configuration (hpSwitchAuth) of local usernames and passwords. This means that the
ProCurve 2600 switches now allow, by default, manager-only SNMP write-only access to the
following:
■
operator username
■
operator password
■
manager username
■
manager password
With SNMP write access to the above objects with the hpSwitchAuth MIB enabled, a device with
management access to the switch can use SNMP sets to change the local username and password
authentication configuration. Operator access to the authentication MIB is always denied.
Security Notes
The local usernames and passwords configured in the hpSwitchAuth MIB are not returned via SNMP,
and the response to SNMP queries for such information is a null string. However, SNMP sets can be
used to configure local username and password MIB objects.
To help prevent unauthorized access to the switch’s local username and password authentication
MIB objects, ProCurve recommends enhancing security.
If you do not want to use SNMP access to the switch’s local username and password authentication
configuration MIB objects, then use the CLI command
snmp-server mib hpswitchauthmib excluded
to
disable this access, as described in the next section.
If you choose to leave SNMP access to the above MIB objects open (the default setting), ProCurve
recommends that you configure the switch with the SNMP version 3 management and access security
feature, and disable SNMP version 2c access.
Syntax:
[no] arp IP-ADDRESS
Allows removal of any dynamic entry in the ARP cache.