NEC N8406-022 manual Radius server configuration

Page 61

Table 57 SSHD Configuration commands

Command

Description

no ssh scp-enable

Disables the SCP apply and save. This is the default for SCP.

 

Command mode: Global configuration

ssh enable

Enables the SSH server.

 

Command mode: Global configuration

no ssh enable

Disables the SSH server. This is the default for the SSH server.

 

Command mode: Global configuration

show ssh

Displays the current SSH server configuration.

 

Command mode: All

RADIUS server configuration

NOTE: See the N8406-022 1Gb Intelligent L2 Switch Application Guide for information on RADIUS.

The following table describes the RADIUS Server Configuration commands.

Table 58 RADIUS Server Configuration commands

Command

Description

[no] radius-server primary-host

Sets the primary RADIUS server address and shared secret between

<IP address> key <1-32

the switch and the RADIUS server(s).

characters>

Command mode: Global configuration

[no] radius-server secondary-

Sets the secondary RADIUS server address and shared secret

host <IP address> key <1-32

between the switch and the RADIUS server(s).

characters>

Command mode: Global configuration

radius-server port <UDP port

Enter the number of the User Datagram Protocol (UDP) port to be

number>

configured, between 1500-3000. The default is 1645.

 

Command mode: Global configuration

radius-server retransmit <1-3>

Sets the number of failed authentication requests before switching to a

 

different RADIUS server. The range is 1-3 requests. The default is 3

 

requests.

 

Command mode: Global configuration

radius-server timeout <1-10>

Sets the amount of time, in seconds, before a RADIUS server

 

authentication attempt is considered to have failed. The range is 1-10

 

seconds. The default is 3 seconds.

 

Command mode: Global configuration

[no] radius-server telnet- backdoor

Enables or disables the RADIUS back door for telnet/SSH/ HTTP/HTTPS. This command does not apply when secure backdoor is enabled.

Command mode: Global configuration

[no] radius-server secure- backdoor

Enables or disables the RADIUS back door using secure password for telnet/SSH/ HTTP/HTTPS. This command does not apply when backdoor (telnet) is enabled.

Command mode: Global configuration

radius-server enable

Enables the RADIUS server.

 

 

Command mode: Global configuration

no radius-server enable

Disables the RADIUS server. This is the default.

 

 

Command mode: Global configuration

show radius-server

Displays the current RADIUS server parameters.

 

 

Command mode: All

 

 

 

IMPORTANT:

If RADIUS is enabled, you must login using RADIUS authentication when connecting via the

console or Telnet/SSH/HTTP/HTTPS. Backdoor for console is always enabled, so you can connect using noradius and the administrator password even if the backdoor (telnet) or secure backdoor (secbd) are disabled.

If Telnet backdoor is enabled (telnet ena), type in noradius as a backdoor to bypass RADIUS checking, and use the administrator password to log into the switch. The switch allows this even if RADIUS servers are available.

If secure backdoor is enabled (secbd ena), type in noradius as a backdoor to bypass RADIUS checking, and use the administrator password to log into the switch. The switch allows this only if RADIUS servers are not available.

Configuration Commands 61

Image 61
Contents N8406-022 1Gb Intelligent L2 Switch Page Contents Statistics commands Operations Commands Iscli Reference Connecting to the switchIntroduction Additional referencesTelnet 1Gb Intelligent L2 Switch IP address Setting an IP addressEstablishing a Telnet connection Establishing an SSH connection# ssh user@1Gb Intelligent L2 Switch IP address Accessing the switchTypographical conventions Idle timeoutPing IP address Show portchannel 1-12hashinformationShow spanning-tree stp Show ip interfaceIscli Command Modes Accessing the IscliIscli basics Global commands Command abbreviation Command line interface shortcutsSwitchconfig# spanning-tree stp 1 bridge hello Switchconfig# sp stp 1 br hInformation Commands SNMPv3 Information commands System Information commandsSNMPv3 View Table information SNMPv3 USM User Table informationUser Name ProtocolView Name SNMPv3 Access Table informationGroup Name PrefixSNMPv3 Community Table information SNMPv3 Group Table informationSec Model Index Name User Name Tag Trap1 Public V1v2only V1v2trapSNMPv3 Target Parameters Table information SNMPv3 Target Address Table informationSec Level NameTag V1v2trapv1v2trap SNMPv3 Notify Table informationSNMPv3 dump Show snmp-server v3 Command mode AllSystem information Show recent syslog messages Usernames Enabled Oper Disabled Admin Always EnabledSystem user information Layer 2 information Show all FDB information FDB information commandsShow spanning-tree stp 1-32information Spanning Tree informationRapid Spanning Tree and Multiple Spanning Tree information Designated bridge Priority bridgeDesg 8000-000342fa3b80 8001 P2P, Edge 128 2000 Common Internal Spanning Tree informationDesg 8000-000342fa3b80 8002 128 2000 128 2000Cist Root Disabled DSBDiscarding DISC, Learning LRN, Forwarding FWD, or Trunk group information Trunk group 1, Enabled port state STG 1 forwardingVlan information ARP information Layer 3 informationIP information Show layer3 information Command mode AllShow all ARP entry information ARP address list informationIgmp multicast router port information Igmp multicast group informationRmon Information Rmon history informationShow rmon alarm Rmon alarm informationInterval Show rmon event Rmon event informationLink status information Port Tag Rmon Pvid Port informationVLANs Logical Port to GEA Port mapping Show geaport Command mode AllUplink Failure Detection information Information dump Port Statistics Statistics commandsEthernet statistics Bridging statisticsDot3StatsFCSErrors Dot3StatsAlignmentErrorsDot3StatsInternalMacTransmitError Dot3StatsSingleCollisionFramesInterface statistics Show interface gigabitethernet port number ip-counters Internet Protocol IP statisticsLink statistics Layer 2 statisticsFDB statistics Show interface gigabitethernet port number link-countersIP statistics Layer 3 statisticsARP statistics ArpEntriesCur ArpEntriesHighWater ARP statisticsIcmp statistics DNS statisticsDNS statistics DnsInRequests DnsOutRequests DnsBadRequests TCP statistics UDP statistics Igmp Multicast Group statistics Management Processor statisticsShow mp tcp-block Show mp udp-blockAll UDP allocated control blocks Listen 10ad41e8/10ad5790161 CPU statistics Show snmp-server counters Command mode All except User ExecSnmp statistics Decoding Snmp messages received NTP statistics Show ntp counters Command mode AllStatistics dump Uplink Failure Detection statisticsSaving the configuration Configuration CommandsSystem configuration Viewing and saving changesSystem host log configuration Secure Shell Server configuration Radius server configuration TACACS+ server configuration NTP server configuration System Snmp configuration SNMPv3 configuration Privacy-password password User Security Model configurationPrivacy-protocol desnone No snmp-server userView-based Access Control Model configuration SNMPv3 View configurationSNMPv3 Community Table configuration SNMPv3 Group configurationSNMPv3 Target Parameters Table configuration SNMPv3 Target Address Table configurationSystem Access configuration SNMPv3 Notify Table configurationManagement Networks configuration User ID configuration User Access Control configurationHttps Access configuration Temporarily disabling a port Port configurationPort link configuration Layer 2 configurationSpanning-tree mrst Enable Spanning-tree mrst ModeSpanning-tree mstp NameCist bridge configuration Common Internal Spanning Tree configurationCist port configuration Spanning Tree configuration Bridge Spanning Tree configuration Spanning Tree port configuration Trunk configuration Forwarding Database configurationStatic FDB configuration Vlan configuration Layer 3 configurationDefault Gateway configuration IP interface configurationIgmp configuration Address Resolution Protocol configurationIgmp snooping configuration Igmp filtering configuration Igmp static multicast router configurationIgmp filtering port configuration Domain Name System configurationIgmp filter definition Rmon history configuration Remote Monitoring configurationRmon event configuration Rmon alarm configuration Port mirroring Uplink Failure Detection configurationPort-based port mirroring Failure Detection Pair configuration Configuration DumpLink to Monitor configuration Link to Disable configurationRestoring the active switch configuration Saving the active switch configurationOperations-level port options Operations CommandsUpdating the switch software image Boot OptionsDownloading new software to the switch Router# copy tftp image1image2boot-imageRouterconfig# boot image image1image2 Uploading a software image from the switchSwitch# copy image1image2boot-image tftp Selecting a software image to runResetting the switch Selecting a configuration blockAccessing the AOS CLI System maintenance Maintenance CommandsForwarding Database maintenance Debugging options ARP cache maintenanceIgmp Mrouter maintenance Igmp Snooping maintenanceUuencode flash dump Switch# copy flash-dump tftp server filename Panic commandSwitch# clear flash-dump Tftp system dump putUnscheduled system dumps Index
Related manuals
Manual 62 pages 46.6 Kb

N8406-022 specifications

The NEC N8406-022 is a robust and versatile networking device designed primarily for organizations requiring high-performance connectivity solutions. As part of NEC's extensive portfolio of networking equipment, the N8406-022 is engineered to address the demands of modern enterprise environments, ensuring seamless communication and data processing capabilities.

One of the key features of the N8406-022 is its multi-layer switching functionality. This device supports Layer 2 and Layer 3 switching, allowing for efficient data routing and reducing latency within local area networks (LANs). This capability is particularly beneficial for businesses that rely on real-time data access and transfer, such as those in financial services, media, and telecommunications.

The N8406-022 is equipped with advanced Quality of Service (QoS) features that help prioritize critical network traffic. This means that voice and video data packets can be given precedence over less time-sensitive information, ensuring that essential communication remains clear and uninterrupted. This is crucial for organizations leveraging VoIP and video conferencing solutions.

In terms of connectivity, the NEC N8406-022 offers a variety of ports, including multiple Gigabit Ethernet ports, which facilitate high-speed data transfer and enable seamless integration into existing network infrastructures. The device may also include 10 Gigabit SFP+ ports, providing the flexibility for high-capacity uplinks to support bandwidth-intensive applications and storage solutions.

Security is another focal point of the NEC N8406-022, with integrated features such as VLAN support, access control lists (ACLs), and port security measures. These capabilities protect sensitive data from unauthorized access and ensure that only legitimate users and devices can connect to the network.

Moreover, the N8406-022 often incorporates advanced energy-efficient technologies that minimize power consumption without compromising performance. This not only contributes to operational cost savings but also supports organizations in their sustainability efforts.

With its combination of performance, security, and energy efficiency, the NEC N8406-022 stands out as a reliable networking solution suitable for a wide range of enterprises looking to enhance their connectivity and operational efficiency. Whether deployed in data centers or as part of a corporate network, this device is built to meet the evolving demands of today’s digital landscape.