Fujitsu BX600 SB9 manual Configure the SB9

Page 45

White Paper Issue: October 2006 Integration of BX600 SB9 Switches in Cisco Networks

Page 45 / 47

Step 2: Configure the SB9

!SB9 Configuration for TACACS+

!Create a authentication list

!authenticatio will be done agains TACACS, if the server

!does not respond, it will be done locally authentication login TACACS tacacs local reject

!bind the authentication list to all users, which are

!not locally.

username defaultlogin TACACS

!Enable TACACS Tacacs

!Set the shared key for server 1 tacacs key 1 0 fsc

!Set the IP address of server 1 tacacs server-ip 1 10.222.0.21

!Define the server 1 as master tacacs mode 1 master 1

!Since all users which are authenticated by TACACS+ are read-only

!user, it’s important to set the enable password which is not seen in

!the configuration file

enable passwd

Step 3: Test the login

C:\> telnet bx6-sb9-b

!Test a login with correct username but wrong password (bx6-sb9-b)

User:test-ro

Password: WRONG

!Test a login with correct username and password User:test-ro

Password:test-ro (bx6-sb9-b) >

At the ACS you can see the failed and successful attempts:

View the failed attempts

Page 44 Page 46
Image 45
Page 44 Page 46
Contents Contents Introduction Switch Connectivity Basic Multicast ServicesSwitch Management Page Introduction Recommended Solution ConfigurationAuto Negotiation Port Aggregation Network problemsShut down the affected ports to avoid loops Set up the port-channelVerify the operation of the port-channels Bring up the affected portsVLANs and Trunks Vlan Trunk between SB9 and Cisco SwitchConfigure the port-channels Configure Vlan trunkDefine the VLANs Gvrp Verify the Vlan trunkRunning ST P 802.1D with PVST+ on Vlan Trunks Spanning Tree ProtocolRunning PVST+ on Vlan Trunks while disabling STP at the SB9 SB9Rapid Spanning Tree Combining RAPID-PVST and 802.1wCombining RAPID-PVST and 802.1w after failure of Po1 Configuration with Vlan Trunks SB9 SwitchConfigure the switches Network loopsPage Page STP Verify the configurationPage Configuration without Vlan Trunks Configuration example Rstp without Vlan trunksPage Mode Type State Role Enabled Forwarding Designated Disabled Enabled Disabled PC Mbr Manual forwarding Interface BX600 port mapping Access Port and NIC ConfigurationConfigure the access ports of the switches Typical access port configurationConfigure the Broadcom NIC Page Configure the Intel Adapter Page Select Switch Fault Tolerance and press Next Press Finish Link State Configure a Link State GroupConfiguration Recommended solutionEnable multicast routing and Igmp at the layer 3 switch Enable Igmp snooping at all Layer 2 switchesVlan Page Configure the SB9 for unicast Sntp Configuration of syslog and SntpConfigure the SB9 for broadcast Sntp Configure the SB9 for logging and syslogTest the configuration Configure Snmp for SNMPv1 and SNMPv2c Configuration of SnmpConfigure SNMPv3 authentication SnmpConfiguration of SSH Remote Console AccessConfigure the SB9 Test the loginConfiguration of Radius Integration into Radius and TACACS+Prepare the ACS Page Specify the user’s password and press Submit Test the login Configuration of Tacacs Page Configure the SB9 Configuration of CDP Check the configurationCisco Discovery Protocol Configuration of Port Monitoring Port MonitoringFurther information in the Internet
Top Page Image Contents