Allied Telesis AT-S63 User Manual
Page 13
AT-S63 Management Software Menus Interface User’s Guide
13
Public Keys .............................................................................................................................................. 796
Message Encryption................................................................................................................................. 796
Digital Signatures ..................................................................................................................................... 796
Certificates ............................................................................................................................................... 797
Elements of a Public Key Infrastructure ................................................................................................... 798
Certificate Validation ................................................................................................................................ 799
Certificate Revocation Lists (CRLs) ......................................................................................................... 799
PKI Implementation.................................................................................................................................. 800
Creating a Self-signed Certificate................................................................................................................... 801
Adding a Certificate to the Database.............................................................................................................. 805
Modifying a Certificate .................................................................................................................................... 808
Deleting a Certificate ...................................................................................................................................... 811
Viewing a Certificate....................................................................................................................................... 813
Generating an Enrollment Request ................................................................................................................ 816
Installing CA Certificates onto a Switch.......................................................................................................... 819
Viewing and Configuring the Maximum Number of Certificates ..................................................................... 820
Configuring SSL ............................................................................................................................................. 821
Chapter 35: Secure Shell (SSH) ................................................................................................................. 823
SSH Overview ................................................................................................................................................ 824
Support for SSH ....................................................................................................................................... 824
SSH Server .............................................................................................................................................. 825
SSH Clients.............................................................................................................................................. 825
SSH and Enhanced Stacking................................................................................................................... 825
SSH Configuration Guidelines ................................................................................................................. 826
General Steps to Configuring SSH .......................................................................................................... 827
Configuring SSH............................................................................................................................................. 828
Displaying SSH Information............................................................................................................................ 831
Chapter 36: TACACS+ and RADIUS Protocols ......................................................................................... 833
TACACS+ and RADIUS Overview ................................................................................................................. 834
Enabling or Disabling Server-based Management Authentication ................................................................. 838
Configuring the TACACS+ Client ................................................................................................................... 840
Displaying the TACACS+ Settings ................................................................................................................. 842
Configuring the RADIUS Client ...................................................................................................................... 843
Displaying RADIUS Status and Settings ........................................................................................................ 846
Chapter 37: Management Access Control List ......................................................................................... 849
Management ACL Security Overview............................................................................................................. 850
Parts of a Management ACE ................................................................................................................... 850
Management ACL Guidelines .................................................................................................................. 851
Examples ................................................................................................................................................. 852
Enabling or Disabling the Management ACL.................................................................................................. 854
Creating an ACE............................................................................................................................................. 856
Modifying an ACE........................................................................................................................................... 858
Deleting an ACE ............................................................................................................................................. 860
Displaying the ACEs....................................................................................................................................... 861
Appendix A: AT-S63 Management Software Default Settings ................................................................ 863
ARP Cache Setting......................................................................................................................................... 865
Boot Configuration File Default Setting .......................................................................................................... 866
Class of Service.............................................................................................................................................. 867
Denial of Service Prevention Default Settings................................................................................................ 868
802.1x Port-Based Network Access Control Default Settings ........................................................................ 869
Enhanced Stacking Default Setting ................................................................................................................ 871
Event Log Default Settings ............................................................................................................................. 872