Cisco Catalyst 6880-X Specifications Page 69
- Page / 111
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
Distribution Layer April 2014
66
Step 10: If your network operational support is centralized, you can increase network security by using an
access list to limit the networks that can access your device. In this example, only devices on the 10.4.48.0/24
network will be able to access the device via SSH or SNMP.
access-list 55 permit 10.4.48.0 0.0.0.255
line vty 0 15
access-class 55 in
!
snmp-server community [SNMP RO name] RO 55
snmp-server community [SNMP RW name] RW 55
If you configure an access-list on the vty interface, you may lose the ability to use ssh
to log in from one device to the next for hop-by-hop troubleshooting.
Caution
Step 11: Configure local login and password
The local login account and password provides basic device access authentication to view platform operation.
The enable password secures access to the device configuration mode. By enabling password encryption, you
prevent the use of plain text passwords when viewing configuration files. The aaa new-model command enables
new access control commands and functions, and causes the local username and password on the router to be
used in the absence of other AAA statements.
username admin password [password]
enable secret [secret password]
service password-encryption
aaa new-model
By default, https access to the switch will use the enable password for authentication.
Step 12: If you want to reduce operational tasks per device, configure centralized user authentication by using
the TACACS+ protocol to authenticate management logins on the infrastructure devices to the AAA server.
As networks scale in the number of devices to maintain, there is an operational burden to maintain local user
accounts on every device. A centralized AAA service reduces operational tasks per device and provides an audit
log of user access for security compliance and root cause analysis. When AAA is enabled for access control, all
management access to the network infrastructure devices (SSH and HTTPS) is controlled by AAA.
TACACS+ is the primary protocol used to authenticate management logins on the infrastructure devices to the
AAA server. A local AAA user database is also defined on each network infrastructure device in order to provide
a fallback authentication source in case the centralized TACACS+ server is unavailable.
tacacs server TACACS-SERVER-1
address ipv4 10.4.48.15
key [secret key]
!
aaa group server tacacs+ TACACS-SERVERS
server name TACACS-SERVER-1
!
aaa authentication login default group TACACS-SERVERS local
aaa authorization exec default group TACACS-SERVERS local
aaa authorization console
ip http authentication aaa
- Campus Wired LAN 1
- Table of Contents 2
- How to Read Commands 4
- Comments and Questions 4
- CVD Navigator 5
- Prociency 6
- Introduction 7
- Design Overview 9
- Access Layer 11
- Distribution Layer 12
- Flexible Design 13
- Core Layer 14
- Reader Tip 15
- Quality of Service (QoS) 16
- Access Layer Platforms 19
- Deployment Details 21
- Access Layer April 2014 22
- Configuring the Access Layer 23
- Interface 36
- Layer-3 Link 43
- Distribution Layer Roles 45
- Distribution Layer Platforms 47
- Cisco Catalyst 6880-X VSS 49
- Cisco Catalyst 4500-X VSS 49
- Cisco Catalyst 4507R+E VSS 49
- Virtual Switching System 51
- Figure 21 - VSS domain 53
- Figure 22 - VSLP 55
- Figure 23 - VSS domain 61
- Figure 24 - VSLP 63
- Multicast Source 73
- Rendezvous Point 73
- EIGRP Summarization 82
- OSPF Summarization 82
- EIGRP Neighbor Authentication 82
- OSPF Neighbor Authentication 82
- Core Layer Platforms 86
- Figure 28 - VSLP 92
- EIGRP Unicast Routing 102
- OSPF Unicast Routing 102
- Tech Tip 104
- Port channel 105
- CoreDistribution 105
- Appendix A: Product List 107
- LAN Distribution Layer 108
- LAN Core Layer 108
- Appendix B: 109
- DeviceCongurationFiles 109
- Appendix C: Changes 110
- Feedback 111
Related products and manuals for Network switches Cisco Catalyst 6880-X
Network switches Cisco MFEBX1 User Manual
(11 pages)
(11 pages)
Network switches Cisco TrustSec User Manual
(10 pages)
(10 pages)
Network switches Cisco MGBLX1 User Manual
(13 pages)
(13 pages)
© 2020, manymanuals.com. All rights reserved. | 0.116 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals