H3C Technologies H3C S12500-X Series Switches User Manual

Page 8

Advertising
background image

iii

Configuring port security ··········································································································································· 89

 

Overview ········································································································································································· 89

 

Port security features ············································································································································· 89

 

Port security modes ··············································································································································· 89

 

Configuration task list ···················································································································································· 92

 

Enabling port security ···················································································································································· 93

 

Setting port security's limit on the number of secure MAC addresses on a port ···················································· 93

 

Setting the port security mode ······································································································································ 94

 

Configuring port security features ································································································································ 95

 

Configuring NTK ··················································································································································· 95

 

Configuring intrusion protection ·························································································································· 95

 

Configuring secure MAC addresses ···························································································································· 96

 

Configuration prerequisites ·································································································································· 96

 

Configuration procedure ······································································································································ 97

 

Ignoring authorization information from the server ···································································································· 97

 

Enabling MAC move ····················································································································································· 97

 

Displaying and maintaining port security ···················································································································· 98

 

Port security configuration examples ··························································································································· 98

 

autoLearn configuration example ························································································································ 98

 

userLoginWithOUI configuration example ······································································································· 100

 

macAddressElseUserLoginSecure configuration example ··············································································· 103

 

Troubleshooting port security ······································································································································ 106

 

Cannot set the port security mode ····················································································································· 106

 

Cannot configure secure MAC addresses ········································································································ 106

 

Configuring password control ································································································································ 107

 

Overview ······································································································································································· 107

 

Password setting ·················································································································································· 107

 

Password updating and expiration ··················································································································· 108

 

User login control ················································································································································ 109

 

Password not displayed in any form ················································································································· 109

 

Logging ································································································································································· 110

 

FIPS compliance ··························································································································································· 110

 

Password control configuration task list ····················································································································· 110

 

Enabling password control ········································································································································· 110

 

Setting global password control parameters ············································································································ 111

 

Setting user group password control parameters ····································································································· 112

 

Setting local user password control parameters ······································································································· 113

 

Setting super password control parameters ·············································································································· 114

 

Displaying and maintaining password control ········································································································· 114

 

Password control configuration example ·················································································································· 115

 

Network requirements ········································································································································· 115

 

Configuration procedure ···································································································································· 115

 

Verifying the configuration ································································································································· 116

 

Managing public keys ············································································································································ 118

 

Overview ······································································································································································· 118

 

FIPS compliance ··························································································································································· 118

 

Creating a local key pair ············································································································································ 119

 

Configuration guidelines ···································································································································· 119

 

Configuration procedure ···································································································································· 119

 

Distributing a local host public key ···························································································································· 120

 

Exporting a host public key in a specific format to a file ················································································ 120

 

Displaying a host public key in a specific format and saving it to a file ······················································ 121

 

Displaying a host public key ······························································································································ 121

 

Advertising
This manual is related to the following products:

H3C S5560 Series Switches, H3C WX6000 Series Access Controllers, H3C WX5000 Series Access Controllers, H3C WX3000 Series Unified Switches, H3C LSWM1WCM10 Access Controller Module, H3C LSWM1WCM20 Access Controller Module, H3C LSQM1WCMB0 Access Controller Module, H3C LSRM1WCM2A1 Access Controller Module, H3C LSBM1WCM2A0 Access Controller Module, H3C S9800 Series Switches, H3C S5130 Series Switches, H3C S5120 Series Switches

Popular Brands
Popular manuals