Vty line and access-class configuration, Vty line local authentication and authorization – Dell PowerEdge FX2/FX2s User Manual

Page 175

Advertising
background image

The Telnet server or client is VRF-aware. You can enable a Telnet server or client to listen to a specific
VRF by using the vrf vrf-instance-name parameter in the telnet command. This capability
enables a Telent server or client to look up the correct routing table and establish a connection.

Example of Using Telnet for Remote Login
Dell(conf)#ip telnet server enable

Dell(conf)#no ip telnet server enable

VTY Line and Access-Class Configuration

Various methods are available to restrict VTY access in Dell Networking OS. These depend on which

authentication scheme you use — line, local, or remote.

Table 17. VTY Access

Authentication Method VTY access-class

support?

Username access-class

support?

Remote authorization

support?

Line

YES

NO

NO

Local

NO

YES

NO

TACACS+

YES

NO

YES (with Dell
Networking OS version
5.2.1.0 and later)

RADIUS

YES

NO

YES (with Dell
Networking OS version
6.1.1.0 and later)

Dell Networking OS provides several ways to configure access classes for VTY lines, including:

VTY Line Local Authentication and Authorization

VTY Line Remote Authentication and Authorization

VTY Line Local Authentication and Authorization

Dell Networking OS retrieves the access class from the local database.

To use this feature:

1.

Create a username.

2.

Enter a password.

3.

Assign an access class.

4.

Enter a privilege level.

You can assign line authentication on a per-VTY basis; it is a simple password authentication, using an
access-class as authorization.

Configure local authentication globally and configure access classes on a per-user basis.

Dell Networking OS can assign different access classes to different users by username. Until users
attempt to log in, Dell Networking OS does not know if they will be assigned a VTY line. This means that
incoming users always see a login prompt even if you have excluded them from the VTY line with a deny-
all access class. After users identify themselves, Dell Networking OS retrieves the access class from the

Security

175

Advertising
Popular Brands
Popular manuals