Allied Telesis AT-S63 User Manual
Page 13
AT-S63 Management Software Menus Interface User’s Guide
13
Public Keys .............................................................................................................................................. 798
Message Encryption................................................................................................................................. 798
Digital Signatures ..................................................................................................................................... 798
Certificates ............................................................................................................................................... 799
Elements of a Public Key Infrastructure ................................................................................................... 800
Certificate Validation ................................................................................................................................ 801
Certificate Revocation Lists (CRLs) ......................................................................................................... 801
PKI Implementation.................................................................................................................................. 802
Creating a Self-signed Certificate................................................................................................................... 803
Adding a Certificate to the Database.............................................................................................................. 807
Modifying a Certificate .................................................................................................................................... 810
Deleting a Certificate ...................................................................................................................................... 813
Viewing a Certificate....................................................................................................................................... 815
Generating an Enrollment Request ................................................................................................................ 818
Installing CA Certificates onto a Switch.......................................................................................................... 821
Viewing and Configuring the Maximum Number of Certificates ..................................................................... 822
Configuring SSL ............................................................................................................................................. 823
Chapter 35: Secure Shell (SSH) ................................................................................................................. 825
SSH Overview ................................................................................................................................................ 826
Support for SSH ....................................................................................................................................... 826
SSH Server .............................................................................................................................................. 827
SSH Clients.............................................................................................................................................. 827
SSH and Enhanced Stacking................................................................................................................... 827
SSH Configuration Guidelines ................................................................................................................. 828
General Steps to Configuring SSH .......................................................................................................... 829
Configuring SSH............................................................................................................................................. 830
Displaying SSH Information............................................................................................................................ 833
Chapter 36: TACACS+ and RADIUS Protocols ......................................................................................... 835
TACACS+ and RADIUS Overview ................................................................................................................. 836
Enabling or Disabling Server-based Management Authentication ................................................................. 840
Configuring the TACACS+ Client ................................................................................................................... 842
Displaying the TACACS+ Settings ................................................................................................................. 844
Configuring the RADIUS Client ...................................................................................................................... 845
Displaying RADIUS Status and Settings ........................................................................................................ 848
Chapter 37: Management Access Control List ......................................................................................... 851
Management ACL Security Overview............................................................................................................. 852
Parts of a Management ACE ................................................................................................................... 852
Management ACL Guidelines .................................................................................................................. 853
Examples ................................................................................................................................................. 854
Enabling or Disabling the Management ACL.................................................................................................. 856
Creating an ACE............................................................................................................................................. 858
Modifying an ACE........................................................................................................................................... 860
Deleting an ACE ............................................................................................................................................. 862
Displaying the ACEs....................................................................................................................................... 863
Appendix A: AT-S63 Management Software Default Settings ................................................................ 865
ARP Cache Setting......................................................................................................................................... 867
Boot Configuration File Default Setting .......................................................................................................... 868
Class of Service.............................................................................................................................................. 869
Denial of Service Prevention Default Settings................................................................................................ 870
802.1x Port-Based Network Access Control Default Settings ........................................................................ 871
Enhanced Stacking Default Setting ................................................................................................................ 873
Event Log Default Settings ............................................................................................................................. 874