Cisco MGX 8950 Specifications Page 433
- Page / 642
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
Rated. / 5. Based on customer reviews
9-69
Cisco MGX 8850 (PXM1E/PXM45), Cisco MGX 8950, Cisco MGX 8830, and Cisco MGX 8880 Configuration Guide
Release 5.0.10, OL-3845-01 Rev. B0, August 16, 2004
Chapter 9 Switch Operating Procedures
Managing Remote (TACACS+) Authentication and Authorization
The following example configures authentication through the tacacs+ method:
M8830_SF.2.PXM.a > cnfaaa-authen tacacs+
AAA CONFIGURATION:
Authentication Methods : tacacs+ cisco
Authorization Methods : local cisco
Authorization Type : group
Default Privilege Level : NOUSER_GP
Prompt Display : acs
SSH/FTP Message Type : Inbound ASCII Login
IOS Exclusion List :
WARNING: The newly configured authentication/authorization methods will
apply to new session. This configuration has no impact on existing sessions.
Note that the example above did not configure the cisco authentication method, but this method is listed
as the backup for the tacacs+ method in the Authentication Methods line. There is no need to enter the
cisco method when it is the last method to be used.
To return a switch to the default authentication configuration, enter the following command:
M8830_SF.2.PXM.a > cnfaaa-authen default
AAA CONFIGURATION:
Authentication Methods : local cisco
Authorization Methods : local cisco
Authorization Type : group
Default Privilege Level : NOUSER_GP
Prompt Display : acs
SSH/FTP Message Type : Inbound ASCII Login
IOS Exclusion List :
WARNING: The newly configured authentication/authorization methods will
apply to new session. This configuration has no impact on existing sessions.
Notice the text in the command display that reminds you that changes in the authentication method only
apply to new sessions. This switch behavior prevents instant lockout if you make a configuration
mistake.
Configuring Command Authorization on the Switch
Authorization validates an authenticated user’s access to a command each time a command is entered.
When the switch uses an AAA server for authorization, the AAA switch can authorize commands in one
of the following ways:
• The AAA server sends a switch access privilege level or group ID back to the switch one time for
each login session, and the switch validates all session commands based on that group ID. This
method is called group mode.
• The AAA server validates every command the user enters using its own internal configuration to
determine if the user has access to the command. This method is called command mode.
Group mode requires less configuration at the AAA server, and it consumes less bandwidth during each
session. When the switch is configured for command mode, the AAA server must be configured to define
the command set available to each user. The advantage to command mode is that you can customize
access for each user. You are not limited to the access options defined on the switch.
To configure authorization, log in using a username with SERVICE_GP privileges or higher and enter
the cnfaaa-author command using the following format:
M8850_LA.7.PXM.a > cnfaaa-author <authorType> <method> [<method>...]
- MGX 8880 Configuration Guide 1
- CONTENTS 3
- Contents 10
- D Standards Compliance D-1 16
- F MPSM Licensing F-1 17
- Command Parameters 7-8 22
- About This Guide 27
- Conventions 28
- Documentation 29
- Related Documentation 30
- Obtaining Documentation 43
- Changes to This Document 44
- Documentation Feedback 46
- Cisco TAC Website 46
- Opening a TAC Case 47
- TAC Case Priority Definitions 47
- Preparing for Configuration 49
- Cisco MGX Switch Features 51
- Physical Attributes 52
- Services 52
- Trunk/Port Interfaces 53
- Supported Controller Cards 55
- Supported Routing Protocols 55
- Supported Services 55
- Typical Topologies 58
- Core Switch 59
- Multiservice Edge Aggregation 59
- Configuration Overview 61
- Collecting Information 62
- Administrator Data 63
- Unique Device Identifier 63
- Administrator Access Method 64
- Network Clock Source Plan 64
- Network Management Plan 64
- • manual 67
- Initializing the Switch 76
- Getting Command Help 84
- Configuring User Access 87
- Adding Users 88
- Deleting Users 91
- Adding the PNNI Controller 95
- Setting the PNNI Node Address 97
- Setting the PNNI Node ID 99
- Configuring Clock Sources 102
- UI-S3/B 104
- Enabling NCDP on a Node 106
- Setting the LAN IP Addresses 108
- Setting the Disk IP Address 111
- • SMFLR-1-2488 123
- Note No traffic 123
- • SMFSR-1-2488 123
- • SMFIR-1-155-SFP 124
- • SMFLR-1-155-SFP 124
- • MMF-1-155-SFP 126
- Line Configuration Quickstart 130
- SVC Configuration Quickstart 135
- Configuring the Card Mode 149
- Setting Up Lines 150
- Configuring Lines 151
- Configuring T1 (DS1) Lines 152
- Configuring E1 Lines 153
- Configuring SONET Lines 154
- Configuring T3 Lines 154
- Configuring E3 Lines 155
- Verifying Line Configuration 156
- Creating an IMA Group 157
- • Version 1.0 = 1 158
- • Version 1.1 = 2 158
- Configuring an IMA Group 159
- Configuring IMA Links 164
- Adding an IMA Port 165
- Working line 168
- Midplane 168
- Protection line 168
- PXM-UI-S3/B back card 168
- Adding ATM Ports 172
- Modifying ATM Ports 175
- Configuring ILMI on a Port 188
- Note 0 = no polling 190
- Verifying PNNI Communications 195
- • 0 = persistent 203
- • 1 = nonpersistent 203
- Bringing Down a Connection 214
- Bringing Up a Connection 215
- Bringing Down a Party 215
- Bringing Up a Party 215
- Rerouting Connections 215
- Rerouting a P2MP Party 215
- Deleting Connections 216
- IGX Feeder Topology 217
- Deleting an IGX Feeder 218
- Configuration Quickstart 222
- Initializing Service Modules 224
- Selecting a Card SCT 229
- Selecting a Port SCT 231
- • Bulk distribution 233
- Configured for SONET/SDH 234
- Configured for T3 Interfaces 235
- Setting Up SRM Lines 236
- Configuring a SONET/SDH Line 237
- Where To Go Next 251
- Initializing RPM Cards 256
- Where to Go Next 263
- Cisco SCTs 266
- Managing SCTs 268
- SCT File Naming Convention 269
- Registering SCT Files 271
- Command Parameters 272
- Updating Registered SCT Files 273
- Deleting a Registered SCT 275
- Deleting Unregistered SCTs 276
- Managing Card SCTs 277
- Managing PXM1E Port SCTs 277
- Changing a Port SCT 278
- Displaying Port SCT Settings 279
- • 0 is highest priority 286
- • 15 is lowest priority 286
- Managing PNNI Nodes 291
- Configuring PNNI Timers 299
- Managing PNNI Routes 300
- Managing Preferred Routes 301
- Creating a Preferred Route 304
- Modifying a Preferred Route 307
- Deleting a Preferred Route 309
- Configuring the Deroute Delay 313
- Pure PXM45/C Networks 314
- Managing Priority Routing 315
- Managing Priority Bumping 319
- Managing Connection Grooming 322
- Slave endpoin 324
- Manually Grooming Connections 328
- • Cell transfer delay (CTD) 329
- • Cell delay variation (CDV) 329
- • Administrative Weight (AW) 329
- Configuring Orderly Grooming 333
- Configuring the AIS Delay 337
- Displaying System Addresses 340
- Displaying the SVCC RCC Timer 344
- Displaying the SVCC RCC Table 345
- Managing CUGs 346
- Creating Closed User Groups 347
- Deleting a CUG Assignment 354
- Blocking the CUG IE 354
- Configuring a Gateway Node 355
- • network topology database 357
- • link topology database 357
- • feeder topology database 357
- Displaying Link Information 359
- Displaying Feeder Information 361
- Disabling a Gateway Node 362
- Switch Operating Procedures 365
- Clearing a Slot Configuration 368
- Managing ILMI 371
- Deleting ILMI Prefixes 375
- Managing Redundant Cards 380
- Managing Redundant APS Lines 382
- Preparing for Intercard APS 383
- Modifying APS Lines 388
- Switching APS Lines 389
- Troubleshooting APS Lines 390
- Managing NCDP Clock Sources 395
- Enabling NCDP on a Switch 396
- Configuring an NCDP Port 398
- Displaying NCDP Information 399
- Display An NCDP Port 403
- Deleting an NCDP Clock Source 404
- Delete Manual Clock Sources 406
- Displaying SVCs 407
- Managing Controllers 407
- Adding Controllers 408
- Deleting a Controller 409
- Managing PXM1E Partitions 410
- Removing Static ATM Addresses 415
- Managing Load Sharing 419
- Starting a Telnet Session 421
- Displaying a Telnet Trace 422
- Switches 424
- Configuring AAA Servers 427
- Verifying PXM Disk Data 437
- Configuring a Line Loopback 443
- Managing Bit Error Rate Tests 444
- Managing IMA 455
- Displaying IMA Links 456
- Deleting an IMA Group 457
- Deleting an IMA Link 457
- Restarting an IMA Group 457
- Switch Maintenance Procedures 461
- Adding Cards 462
- Adding SRM Cards 464
- Adding RPM Cards 465
- Replacing Cards 466
- Upgrading a Standalone AXSM 478
- Replacing Service Modules 480
- Decommissioning an AXSM Slot 486
- Decommissioning an RPM Slot 488
- Controls 489
- Displaying Node Alarms 490
- Displaying Clock Alarms 490
- Displaying Switching Alarms 490
- • dspXbarPlaneAlms 491
- • dspxbarslotbwalms 491
- Displaying Environment Alarms 493
- Displaying Card Alarms 494
- Displaying IMA Alarms 496
- Displaying License Alarms 497
- Upgrade Process Overview 501
- PXM and AXSM Boot Downgrades 522
- Browsing the File System 524
- Locating Software Updates 525
- Starting the Upgrade Software 533
- Upgrading RPM Boot Software 536
- PXM Backup Boot Procedures 549
- APPENDIX 555
- Workstatio 556
- Serial cable 556
- PXM-UI-S3 556
- Workstation 560
- Configuring the Switch 562
- Configuring the Router 564
- Server Connection 565
- Starting a CLI Telnet Session 566
- Standards Compliance 571
- ATM Signaling Compliance 572
- PNNI Signaling 573
- ATM Signaling Interworking 574
- SONET/SDH 574
- Worksheets 575
- Hardware Survey Worksheets 576
- PXM and SRM 581
- AXSM Configuration Worksheet 586
- CESM Configuration Worksheet 587
- Worksheet 589
- VISM Configuration Worksheet 593
- VXSM Configuration Worksheet 594
- MPSM Licensing 595
- MPSM Licensing Information 596
- PXM License Pool 600
- Displaying License Data 601
- Note Go to Step 7 610
- Note Skip to Step 9 611
- MPSM License Alarms 612
- Slot License Alarms 613
- Rekeying Feature Licenses 615
- Diagnostics 619
- Diagnostics Examples 620
- Diagnostics Tests 622
- PXM45 Diagnostics Tests 623
- PXM45 Path Tests 624
Related products and manuals for Network switches Cisco MGX 8950
Network switches Cisco ME 3600X User Manual
(10 pages)
(10 pages)
Network switches Cisco NTP-E157 User Manual
(167 pages)
(167 pages)
Network switches Cisco IGX 8 Specifications
(298 pages)
(298 pages)
Network switches Cisco 8600 Specifications
(129 pages)
(129 pages)
Network switches Cisco 3040 Specifications
(99 pages)
(99 pages)
© 2020, manymanuals.com. All rights reserved. | 0.140 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals