Manual de instrucciones de Cisco Systems SN 5428-2

Manual de instrucciones del aparato Cisco Systems SN 5428-2

Aparato: Cisco Systems SN 5428-2
Categoría: Sierra
Fabricante: Cisco Systems
Tamaño: 0.35 MB
Fecha de añadido: 6/7/2014
Número de páginas: 22
Imprimir el manual

Descargar

¿Cómo se utiliza?

Nuestro propósito es proporcionarte el acceso más rápido posible a los contenidos incluidos en los manuales de instrucciones del aparato Cisco Systems SN 5428-2. Utilizando la vista previa online, puedes ver rápidamente el índice de contenidos y pasar a la página donde encontrarás la solución a tu problema con Cisco Systems SN 5428-2.

Para tu comodidad

Si ver los manuales de instrucción de Cisco Systems SN 5428-2 directamente en esta página no es cómodo para ti, puedes utilizar dos soluciones posibles:

  • Vista en pantalla completa – Para ver cómodamente los manuales de instrucciones (sin descargarlos en tu ordenador) puedes utilizar el modo de vista en pantalla completa. Para activar la vista del manual Cisco Systems SN 5428-2 en pantalla completa, utiliza el botón Pantalla completa
  • Descargar al ordenador – también puedes descargar el manual de instrucciones de Cisco Systems SN 5428-2 a tu ordenador y guardarlo en tu colección. Sin embargo, si no quieres ocupar espacio en tu dispositivo, siempre podrás descargarlo de ManualsBase.
Cisco Systems SN 5428-2 Manual de instrucciones - Online PDF
Advertisement
« Page 1 of 22 »
Advertisement
Versión impresa

Muchas personas prefieren no leer el documento en la pantalla, sino en versión impresa. La opción de impresión también está prevista y puedes utilizarla haciendo clic en el enlace más arriba - Imprimir el manual. No tienes que imprimir el manual completo de Cisco Systems SN 5428-2, solo las páginas que elijas. Ahorra papel.

Resúmenes

A continuación encontrarás resúmenes de los contenidos incluidos en las páginas posteriores del manual de instrucciones para Cisco Systems SN 5428-2. Puedes utilizarlos si quieres ver rápidamente el contenido que se encuentra en la siguientes páginas del manual.

Resúmenes de contenidos
Resumen del contenido incluido en la página 1


CHAPTER 9
Configuring Authentication
This chapter explains how to configure the authentication portion of Cisco’s authentication,
authorization and accounting (AAA) services on the SN 5428-2 Storage Router and how to configure
Enable, Login and iSCSI authentication, which use AAA services.
The following tasks are covered:
• Prerequisite Tasks, page 9-2
� Using Authentication, page 9-2
� Configuration Tasks, page 9-4
� Configuring Authentication Services, page 9-12
� Creating Named Server Gro

Resumen del contenido incluido en la página 2

Chapter 9 Configuring Authentication Prerequisite Tasks Prerequisite Tasks Before performing AAA configuration tasks on the storage router, make sure you have configured system parameters as described in Chapter 2, “First-Time Configuration,” or Chapter 3, “Configuring System Parameters.” If the storage router is deployed for SCSI routing, you should also configure SCSI routing instances as described in Chapter 6, “Configuring SCSI Routing,” before proceeding. See the iSCSI driver rea

Resumen del contenido incluido en la página 3

Chapter 9 Configuring Authentication Using Authentication Enable Authentication When configured, a user enters password information each time the CLI enable command is entered from the management console, or from a Telnet or SSH management session. If the storage router is configured to allow FTP access, Enable authentication also authenticates users attempting to login and establish an FTP session with the storage router. Using RADIUS Security Servers Because the enable command does n

Resumen del contenido incluido en la página 4

Chapter 9 Configuring Authentication Configuration Tasks Table 9-1 Authentication Services (continued) Authentication Service Description Authentication Types Local or Uses a local username database on the storage router Login and iSCSI Local-case for authentication. Local-case indicates that the user authentication only name authentication is case-sensitive. Passwords authentication is always case-sensitive. Enable Uses the Administrator mode password configured for Enable and Login

Resumen del contenido incluido en la página 5

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-1 iSCSI Authentication Configuration Elements Remote RADIUS servers Remote TACACS+ servers Username database user password user password user password When iSCSI authentication is user password enabled, the SCSI routing user password instance passes the user name user password . . . . . . . . and password from the iSCSI . . . . . . . . driver to AAA for authentication. AAA uses the specified local

Resumen del contenido incluido en la página 6

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-2 iSCSI Authentication Example Configuration Remote TACACS+ servers IP 10.7.0.22 IP 10.7.0 41 IP 10.7.0.45 group janus Global Key: tacacs123SN Username database Remote RADIUS servers IP 10.5.0.61 IP 10.6.0.53 Global Key: rad123SN labserver foo labserver2 foo2 local or RADIUS TACACS+ local-case Authentication services list: webservices2 local group janus group tacacs+ AAA authentication services SCSI routing instance:

Resumen del contenido incluido en la página 7

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-3 illustrates AAA configuration elements used for Enable authentication with RADIUS servers, Figure 9-4 illustrates AAA configuration elements used for Enable authentication with TACACS+ servers, and Figure 9-5 illustrates the example configuration of Enable authentication and the authentication services used in this chapter. Figure 9-3 Enable Authentication Configuration Elements with RADIUS Servers Remote RADIUS server

Resumen del contenido incluido en la página 8

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-4 Enable Authentication Configuration Elements with TACACS+ Servers Remote TACACS+ servers When Enable authentication is enabled, authentication is required when the user Administrator Monitor attempts Administrator mode password password access via the CLI "enable" command. The user is prompted for a password, which is sent along with the user name entered at login, to AAA for authentication. TACACS+ Enable Monitor If the

Resumen del contenido incluido en la página 9

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-5 Enable Authentication Example Configuration group sysadmin Remote TACACS+ servers IP 10.7.0.22 Administrator password: ciscoadmin IP 10.7.0.41 Global key: tacacs123SN TACACS+ Enable Monitor Authentication services list: group sysadmin user name = ciscouser enable password = ciscoadmin AAA authentication services CLI command session processor SN 5428-2 Storage Router user name = ciscouser password = ciscoadmin Telnet, S

Resumen del contenido incluido en la página 10

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-6 illustrates AAA configuration elements used for Login authentication and Figure 9-7 illustrates the example configuration of Login authentication and the authentication services used in this chapter. Figure 9-6 Login Authentication Configuration Elements Remote TACACS+ servers Remote RADIUS servers Username database user password Monitor Administrator user password When Login authentication is password password user

Resumen del contenido incluido en la página 11

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-7 Login Authentication Example Configuration group sysadmin Remote TACACS+ servers Monitor password: IP 10.7.0.22 ciscomonitor IP 10.7.0.41 Global Key: tacacs123SN local or RADIUS TACACS+ Enable Monitor local-case Authentication services list: group sysadmin monitor AAA authentication services CLI command session processor SN 5428-2 Storage Router user name: sysmonitor password: ciscomonitor Telnet, SSH or console managemen

Resumen del contenido incluido en la página 12

Chapter 9 Configuring Authentication Configuring Authentication Services Configuring Authentication Services Configuring authentication services consists of setting the appropriate parameters for the various AAA service options that can be used by the storage router. The storage router can use any or all of the supported services: � RADIUS � TACACS+ � Local username database � Enable � Monitor Use the procedures that follow to configure the storage router to use each of these services.

Resumen del contenido incluido en la página 13

Chapter 9 Configuring Authentication Configuring Authentication Services TACACS+ Hosts Use the commands in the following procedure to configure TACACS+ authentication services. Command Description Step 1 enable Enter Administrator mode. Step 2 tacacs-server host 10.7.0.22 Specify the TACACS+ servers to be used for authentication. For example, specify the TACACS+ servers at 10.7.0.22, 10.7.0.41, tacacs-server host 10.7.0.41 and 10.7.0.45 for use by the storage router. Because no port is

Resumen del contenido incluido en la página 14

Chapter 9 Configuring Authentication Configuring Authentication Services The following rules apply to passwords: � Passwords are entered in clear text. However, they are changed to “XXXXX” in the CLI command history cache, and are stored in the local username database in an encrypted format. � If the password contains embedded spaces, enclose it with single or double quotes. � After initial entry, passwords display in their encrypted format. Use the show aaa command to display the local

Resumen del contenido incluido en la página 15

Chapter 9 Configuring Authentication Creating Named Server Groups Creating Named Server Groups By default, you can use all configured RADIUS or TACACS+ servers for authentication. All configured RADIUS servers belong to the default group named radius. All configured TACACS+ servers belong to the default group named tacacs+. You can also create named groups of RADIUS or TACACS+ servers, to be used for specific authentication purposes. For example, you can use a subset of all configured

Resumen del contenido incluido en la página 16

Chapter 9 Configuring Authentication Creating Authentication Lists Command Description Step 3 aaa group server tacacs+ Add a TACACS+ server to the named group. For example, add the sysadmin server 10.7.0.22 TACACS+ server at IP address 10.7.0.22 to the group named sysadmin. Because no port is specified, authentication requests to this server use the default port 49. Servers are accessed in the order in which they are defined within the named group. Step 4 aaa group server tacacs+ Add

Resumen del contenido incluido en la página 17

Chapter 9 Configuring Authentication Creating Authentication Lists Enable authentication Use the commands in the following procedure to build a default list of authentication services to be used for Enable authentication. Building the default list completes the configuration of Enable authentication and makes it immediately effective. Command Description Step 1 enable Enter Administrator mode. Step 2 aaa authentication enable Create a default list of authentication services for Enable

Resumen del contenido incluido en la página 18

Chapter 9 Configuring Authentication Testing Authentication Testing Authentication You can perform authentication testing at any time. For example, before enabling iSCSI authentication for a SCSI routing instance, you can test iSCSI authentication. The user name and password are passed to AAA, which performs authentication using the specified iSCSI authentication list. The command response indicates a pass or fail status. iSCSI Authentication Use the commands in the following procedur

Resumen del contenido incluido en la página 19

Chapter 9 Configuring Authentication Configuring Two-Way Authentication Login Authentication Use the commands in the following procedure to test Login authentication. Command Description Step 1 enable Enter Administrator mode. Step 2 aaa test authentication login Test the user name and password configured for Monitor mode default sysmonitor ciscomonitor access to the storage router. AAA uses the services in the default authentication list (Example 9-3). Example 9-3 Testing Login Authent

Resumen del contenido incluido en la página 20

Chapter 9 Configuring Authentication Enabling iSCSI Authentication Enabling iSCSI Authentication iSCSI authentication is enabled for specific SCSI routing instances. By default, iSCSI authentication is not enabled. Use the commands in the following procedure to enable iSCSI authentication using the authentication services configured in the specified authentication list. Command Description Step 1 enable Enter Administrator mode. Step 2 scsirouter zeus authentication Enable authenticatio


Manuales de instrucciones similares
# Manual de instrucciones Categoría Descargar
1 Cisco Systems SN 5428-2 Manual de instrucciones Router 0
2 Cisco Systems SN 5428-2 Manual de instrucciones Router 0
3 Cisco Systems Cisco 1801 Manual de instrucciones Sierra 10
4 Cisco Systems 2691 Manual de instrucciones Sierra 2
5 Cisco Systems Cisco 1802 Manual de instrucciones Sierra 0
6 Cisco Systems NME-WAE Manual de instrucciones Sierra 1
7 Cisco Systems MC-607 Manual de instrucciones Sierra 0
8 Cisco Systems Cisco 1803 Manual de instrucciones Sierra 0
9 Cisco Systems OL-6426-02 Manual de instrucciones Sierra 0
10 Cisco Systems 78-16409-03 Manual de instrucciones Sierra 0
11 Cisco Systems 815 Manual de instrucciones Sierra 0
12 Cisco Systems OL-7469-04 Manual de instrucciones Sierra 1
13 Cisco Systems PS 300 EQ Manual de instrucciones Sierra 0
14 Cisco Systems PSB 300 EQ Manual de instrucciones Sierra 0
15 Cisco Systems Cisco 3600 Series Hardware OL-2056-02 Manual de instrucciones Sierra 0
16 Sony XS-L12S Manual de instrucciones Sierra 8
17 Sony XS-L10S Manual de instrucciones Sierra 1
18 3Com 3CRWDR200A-75 Manual de instrucciones Sierra 6
19 Agilent Technologies 16193A Manual de instrucciones Sierra 4
20 Aiphone AP-10M Manual de instrucciones Sierra 1