Manuals / Brands / Computer Equipment / Switch / HP / Computer Equipment / Switch

HP ProCurve 3400CL-24G Release M.10.34 Enhancements, Concurrent TACAS+ and SFTP

1 197

Download 197 pages, 1.6 Mb

Enhancements

Release M.10.34 Enhancements

3.If you disable the use of dynamic VLANs in an authentication session using the no aaa port-access gvrp-vlans command, client sessions that were authenticated with a dynamic VLAN continue and are not deauthenticated.

(This behavior differs form how static VLAN assignment is handled in an authentication session. If you remove the configuration of the static VLAN used to create a temporary client session, the 802.1X, MAC, or Web authenticated client is deauthenticated.)

However, if a RADIUS-configured dynamic VLAN used for an authentication session is deleted from the switch through normal GVRP operation (for example, if no GVRP advertisements for the VLAN are received on any switch port), authenticated clients using this VLAN are deauthenticated.

For information on how static and dynamic VLANs are assigned in a RADIUS-based 802.1X, MAC, or Web authentication session, refer to the “How RADIUS-Based Authentication Affects VLAN Operation” section in the “RADIUS Authentication and Accounting” chapter of the Access Security Guide.

Release M.10.34 Enhancements

Release M.10.34 includes the following enhancement:

■Enhancement (PR_1000412747) — TACACS+ Single Sign-on for Administrators

Concurrent TACAS+ and SFTP

It is now possible to have SFTP/SCP sessions run concurrently with TACACS+ authentication. Because the initial login must be with a username/password that has manager level privileges, you must configure TACACS+ single sign--on in order for TACACS+ and SFTP/SCP to coexist.

To configure TACACS+ single sign-on, user the aaa authentication login privilege-modecommand.

Syntax: aaa authentication

<login [privilege-mode] >

Selects the Operator access level. If the privilege-modeoption is entered, TACACS+ is enabled for a single login. The authorized privilege level (Operator or Manager) is granted by the TACACS+ server.

Default: Single login disabled.

108

Contents

Release Notes: Version M.10.72 Software Release Notes: Page Contents Page Page Page Page Page Page Page Software Management Software Updates Download Switch Documentation and Software from the Web Downloading Software to the Switch TFTP Download from a Server Xmodem Download From a PC or Unix Workstation Page Saving Configurations While Using the CLI Install Recommendations for I.08.12 Boot ROM Update ProCurve Switch, Routing Switch, and Router Software Keys Page Minimum Software Versions for Series 3400cl Switch Features OS/Web/Java Compatibility Table Enforcing Switch Security Switch Management Access Security Local Manager Password Inbound Telnet Access and Web Browser Access Secure File Transfers SNMP Access (Simple Network Management Protocol) Physical Access to the Switch Other Provisions for Management Access Security Network Access Security Secure Shell (SSH) Secure Socket Layer (SSLv3/TLSv1) Traffic/Security Filters 802.1X Access Control Port Security, MAC Lockdown, MAC Lockout, and IP Lockdown Key Management System (KMS) Connection-RateFiltering Based On Virus-ThrottlingTechnology Identity-DrivenManagement (IDM) Clarifications and Updates Operating Notes for Jumbo Traffic-Handling Non-Genuine Mini-GBICDetection and Protection Initiative Publication Updates IGMP Command Update General Switch Traffic Security Guideline The Management VLAN IP Address Interoperating with 802.1s Multiple Spanning-Tree Rate-Limiting Known Issues Enhancements Release M.08.69 Enhancements Release M.08.70 through M.08.72 Enhancements Release M.08.73 Enhancements Release M.08.74 through M.08.77 Enhancements Release M.08.78 Enhancements Release M.08.79 Enhancements Release M.08.80 through M.08.83 Enhancements Release M.08.84 Enhancements Release M.08.85 through M.08.88 Enhancements Release M.08.89 Enhancements Page Page Page Page Page Page Using SNMP To View and Configure Switch Authentication Features Page Page Releases M.08.90 and M.08.91 Enhancements QoS Pass-ThroughMode Page Page Release M.08.94 Enhancements Page UDP Broadcast Forwarding Releases M.08.95 through M.10.01 Enhancements Release M.08.96 Enhancements Releases M.08.97 through M.10.01 Enhancements Release M.10.02 Enhancements RADIUS-AssignedAccess Control Lists (ACLs) Page Page Terminology General Operation The Packet-filteringProcess Page Page Page General Steps Determining Traffic Policies Planning the ACLs Needed To Enforce Traffic Policies Operating Rules for RADIUS-BasedACLs Limits for RADIUS-BasedACLs, Associated ACEs, and Counters Configuring an ACL in a RADIUS Server Page Page Page Configuring the Switch To Support RADIUS-BasedACLs Page Displaying the Current RADIUS-BasedACL Activity on the Switch Page Event Log Messages Causes of Client Deauthentication Immediately After Authenticating SFlow Show Commands Page Release M.10.04 Enhancements Page Page Page Page TCP/UDP Port Closure Page Spanning Tree Show Commands Page Release M.10.05 Enhancements Release M.10.06 Enhancements Release M.10.07 Enhancements Release M.10.08 Enhancements Release M.10.09 Enhancements Page Configuration Considerations Configuring UDLD Page Viewing UDLD Information Page Page Configuration Warnings and Event Log Messages Release M.10.10 Enhancements Spanning Tree Per-PortBPDU Filtering Viewing Status of BPDU Filtering Viewing Configuration of BPDU Filtering Releases M.10.11 through M.10.12 Enhancements Release M.10.13 Enhancements Releases M.10.14 through M.10.16 Enhancements Release M.10.17 Enhancements Terminology Configuring STP BPDU Protection Viewing BPDU Protection Status Release M.10.21 Enhancements Release M.10.22 Enhancements Page Release M.10.23 Enhancements Release M.10.24 Enhancements Release M.10.25 Enhancements Release M.10.26 Enhancements Release M.10.27 Enhancements Page Release M.10.28 Enhancements Release M.10.29 Enhancements Release M.10.30 Enhancements Release M.10.31 Enhancements Release M.10.32 Enhancements Release M.10.33 Enhancements Page Example of Untagged VLAN Assignment in a RADIUS-BasedAuthentication Session Page Page Enabling the Use of GVRP-LearnedDynamic VLANs in Authentication Sessions Release M.10.34 Enhancements Release M.10.35 Enhancements Page Page Page Page Page Release M.10.36 Enhancements Release M.10.37 Enhancements Configuring MSTP Port Connectivity Parameters Page Release M.10.38 Enhancements Send SNMP v2c Informs Release M.10.39 Enhancements RADIUS Server Unavailable Page Page ARP Age Timer Increase Page Release M.10.40 Enhancements Release M.10.41 Enhancements Release M.10.42 Enhancements Release M.10.43 Enhancements Page Page Page Page Potential Issues with Bindings Adding a Static Binding Page Page Release M.10.44 through M.10.64 Enhancements Release M.10.65 Enhancements Page Page Page Release M.10.66 Enhancements Page Page Release M.10.67 Enhancements Release M.10.68 Enhancements Release M.10.69 Enhancements Release M.10.70 Enhancements Release M.10.71 Enhancements Release M.10.72 Enhancements Software Fixes in Release M.08.51 - M.10.72 Release M.08.52 Release M.08.53 (Never Released) Release M.08.54 Release M.08.55 - Release M.08.60 Page Release M.08.62 Release M.08.63 Release M.08.64 Release M.08.65 Release M.08.66 Release M.08.67 Release M.08.68 Release M.08.69 Release M.08.70 Release M.08.71 Release M.08.72 Release M.08.73 Release M.08.74 Release M.08.75 Release M.08.76 Release M.08.77 Release M.08.78 Release M.08.79 Release M.08.80 Release M.08.81 Release M.08.82 Release M.08.83 Release M.08.84 Release M.08.85 Release M.08.86 Release M.08.87 Release M.08.88 Release M.08.89 Release M.08.90 Release M.08.91 Release M.08.92 Release M.08.93 Release M.08.94 Release M.08.95 Release M.08.96 Release M.08.97 Release M.10.01 Release M.10.02 Release M.10.03 Release M.10.04 Release M.10.05 Release M.10.06 Release M.10.07 Release M.10.08 Release M.10.09 Release M.10.10 Release M.10.11 Release M.10.12 Release M.10.13 Release M.10.14 Release M.10.15 Release M.10.16 Release M.10.17 Release M.10.18 - Release M.10.19 Release M.10.20 Release M.10.21 Release M.10.22 Release M.10.23 Release M.10.24 Release M.10.25 Release M.10.26 Release M.10.27 Release M.10.28 Release M.10.29 Release M.10.30 Release M.10.31 Release M.10.32 Release M.10.33 Release M.10.34 Release M.10.35 Release M.10.36 Release M.10.37 Release M.10.38 Release M.10.39 Release M.10.40 Release M.10.41 Release M.10.42 Release M.10.43 Release M.10.44 Release M.10.45 Release M.10.46 Release M.10.47 Release M.10.48 Release M.10.49 Release M.10.50 through M.10.64 Release M.10.65 Release M.10.66 Release M.10.67 Release M.10.68 Release M.10.69 Release M.10.70 Page Release M.10.71 Release M.10.72