Cisco Systems 15327 Manual de usuario Pagina 315
- Pagina / 584
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
19-3
Ethernet Card Software Feature and Configuration Guide, R7.2
January 2009
Chapter 19 Configuring Security for the ML-Series Card
Configuring SSH
SSH has two applications, an SSH server and SSH client. The ML-Series card only supports the SSH
server and does not support the SSH client. The SSH server in Cisco IOS software works with publicly
and commercially available SSH clients.
The SSH server enables a connection into the ML-Series card, similar to an inbound Telnet connection,
but with stronger security. Before SSH, security was limited to the native security in Telnet. SSH
improves on this by allowing the use of Cisco IOS software authentication.
The ONS node also supports SSH. When SSH is enabled on the ONS node, you use SSH to connect to
the ML-Series card for Cisco IOS CLI sessions.
Note Telnet access to the ML-Series card is not automatically disabled when SSH is enabled. The user can
disable Telnet access with the vty line configuration command transport input ssh.
Configuring SSH
This section has this configuration information:
• Configuration Guidelines, page 19-3
• Setting Up the ML-Series Card to Run SSH, page 19-3 (required)
• Configuring the SSH Server, page 19-4 (required)
Configuration Guidelines
Follow these guidelines when configuring the ML-Series card as an SSH server:
• The new model of AAA and a AAA login method must be enabled. If not previously enabled,
complete the “Configuring AAA Login Authentication” section on page 19-11.
• A Rivest, Shamir, and Adelman (RSA) key pair generated by a SSHv1 server can be used by an
SSHv2 server, and the reverse.
• If you get CLI error messages after entering the crypto key generate rsa global configuration
command, an RSA key pair has not been generated. Reconfigure the hostname and domain, and then
enter the crypto key generate rsa command. For more information, see the “Setting Up the
ML-Series Card to Run SSH” section on page 19-3.
• When generating the RSA key pair, the message No host name specified might appear. If it does,
you must configure a hostname by using the hostname global configuration command.
• When generating the RSA key pair, the message No domain specified might appear. If it does, you
must configure an IP domain name by using the ip domain-name global configuration command.
Setting Up the ML-Series Card to Run SSH
Follow these steps to set up your ML-Series card to run as an SSH server:
1. Configure a hostname and IP domain name for the ML-Series card.
2. Generate an RSA key pair for the ML-Series card, which automatically enables SSH.
3. Configure user authentication for local or remote access. This step is required.
Beginning in privileged EXEC mode, follow these steps to configure a hostname and an IP domain name
and to generate an RSA key pair.
- Configuration Guide 1
- CONTENTS 3
- 5 Configuring POS 5-1 4
- 6 Configuring Bridges 6-1 5
- 8 Configuring VLANs 8-1 6
- 12 Configuring IRB 12-1 8
- Contents 10
- January 2009 10
- 21 Configuring RMON 21-1 13
- 22 Configuring SNMP 22-1 14
- A Command Reference A-1 18
- About this Guide 27
- Document Objectives 28
- Audience 28
- Document Organization 28
- Related Documentation 30
- Document Conventions 31
- Waarschuwing 32
- Varoitus 32
- Attention 32
- Avvertenza 33
- Advarsel 33
- ¡Advertencia! 33
- Varning! 33
- ML-Series Card Overview 39
- ML-Series Feature List 40
- ML-Series Feature List 41
- CTC Operations 45
- Baseline 46
- Auto-Refresh 46
- Chapter 2 CTC Operations 47
- Managing SONET/SDH Alarms 48
- J1 Path Trace 49
- J1 Path Trace 50
- Initial Configuration 51
- Figure 3-1 CTC IOS Window 53
- Node IP address 54
- RJ-45 Cable 56
- RJ-11 to RJ-45 56
- Console Port Adapter Cable 56
- ML1000-2 CONSOLE Port 56
- Startup Configuration File 57
- Passwords 58
- Configuring the Hostname 59
- Multiple Microcode Images 61
- Cisco IOS Command Modes 63
- Using the Command Modes 65
- Getting Help 66
- Configuring Interfaces 67
- MAC Addresses 68
- Interface Port ID 68
- Basic Interface Configuration 69
- Configuration 70
- Chapter 5, “Configuring POS.” 76
- CRC Threshold Configuration 77
- Interfaces 78
- Configuring POS 81
- Chapter 5 Configuring POS 82
- SW-LCAS 83
- Setting the MTU Size 85
- SONET/SDH Alarms 86
- Configuring SONET/SDH Alarms 87
- C2 Byte and Scrambling 88
- Monitoring and Verifying POS 89
- POS Configuration Examples 91
- ML_Series_A 92
- Configuring Bridges 97
- Configuring Basic Bridging 98
- SONET/SDH 99
- IP Routing Mode 101
- No IP Routing Mode 102
- Bridge CRB Mode 103
- Bridge IRB Mode 104
- Chapter 6 Configuring Bridges 106
- Bridge IRB Mode 106
- Configuring STP and RSTP 107
- STP Overview 108
- Supported STP Instances 108
- Bridge Protocol Data Units 108
- Election of the Root Switch 109
- Spanning-Tree Timers 110
- Blocking State 112
- Listening State 113
- Learning State 113
- Forwarding State 113
- Disabled State 113
- STP and IEEE 802.1Q Trunks 114
- Supported RSTP Instances 115
- Rapid Convergence 116
- Rapid Convergence 117
- Synchronization of Port Roles 118
- Table 7-4 RSTP BPDU Flags 119
- Topology Changes 120
- Disabling STP and RSTP 122
- Configuring the Root Switch 123
- Configuring the Port Priority 123
- Configuring the Path Cost 124
- Configuring the Hello Time 125
- Configuring VLANs 129
- ONS 15454 130
- Chapter 8 Configuring VLANs 134
- Protocol Tunneling 135
- IEEE 802.1Q Example 139
- Figure 9-3 ERMS Example 141
- Configuring Link Aggregation 149
- Configuring EtherChannel 150
- Configuring POS Channel 152
- ML_Series A 154
- ML_Series B 154
- Enabling IP Routing 161
- Configuring IP Routing 162
- Configuring RIP 163
- RIP Authentication 165
- Configuring OSPF 167
- Configuring OSPF 168
- OSPF Interface Parameters 171
- OSPF Area Parameters 172
- Change LSA Group Pacing 176
- Loopback Interface 177
- Monitoring OSPF 177
- Configuring EIGRP 178
- Configuring EIGRP 179
- EIGRP Router Mode Commands 180
- EIGRP Interface Mode Commands 181
- Configuring BGP 185
- Table 11-6 BGP Show Commands 186
- Configuring IS-IS 187
- Configuring Static Routes 189
- Monitoring Static Routes 190
- Configuring IRB 195
- IRB Configuration Example 197
- Monitoring and Verifying IRB 198
- Configuring VRF Lite 201
- vrf-name 207
- Understanding QoS 209
- Ethernet CoS 211
- ML-Series QoS 212
- Policing 213
- Scheduling 214
- Scheduling 215
- Egress Priority Marking 216
- Ingress Priority Marking 216
- Flow Control Pause and QoS 217
- QoS on Cisco Proprietary RPR 218
- Configuring QoS 220
- Creating a Traffic Policy 221
- Configuring CoS-Based QoS 225
- QoS Configuration Examples 226
- ML-Series VoIP Example 229
- ML-Series Policing Example 229
- Router_a 230
- Default Multicast QoS 232
- QoS not Configured on Egress 235
- Understanding IP SLA 239
- IP SLA on the ML-Series 240
- Understanding the SDM 243
- Understanding SDM Regions 243
- Configuring SDM 244
- Monitoring and Verifying SDM 245
- Monitoring and Verifying SDM 246
- Understanding ACLs 247
- ML-Series ACL Support 247
- Named IP ACLs 248
- User Guidelines 248
- Creating IP ACLs 249
- Modifying ACL TCAM Size 251
- Modifying ACL TCAM Size 252
- Role of SONET/SDH Circuits 254
- Packet Handling Operations 254
- Ring Wrapping 255
- Fiber Cut 256
- ML-Series RPR 256
- Ring Wrap 256
- MAC Address and VLAN Support 258
- Cisco Proprietary RPR QoS 259
- ML-Series Card 264
- Access Ports 270
- LFP Sequence 281
- Configuring LFP 282
- Monitoring and Verifying LFP 283
- (mpls) working 284
- Balancing 288
- Understanding EoMPLS 293
- Understanding EoMPLS 294
- EoMPLS Support 295
- EoMPLS Restrictions 295
- EoMPLS Quality of Service 295
- Configuring EoMPLS 296
- EoMPLS Configuration Example 301
- VC Type 5 302
- Understanding MPLS-TE 305
- Configuring MPLS-TE 306
- Configuring an MPLS-TE Tunnel 307
- MPLS-TE Configuration Example 308
- RPRW Alarm 311
- RPRW Alarm 312
- Understanding Security 313
- Understanding SSH 314
- Configuring SSH 315
- Configuring the SSH Server 316
- RADIUS on the ML-Series Card 318
- RADIUS Relay Mode 318
- RADIUS Stand Alone Mode 319
- Understanding RADIUS 320
- Configuring RADIUS 320
- Default RADIUS Configuration 321
- Release 12.2 at: 323
- Defining AAA Server Groups 325
- Starting RADIUS Accounting 328
- POS on ONS Ethernet Cards 333
- POS Interoperability 334
- Encapsulation Type and CRC 335
- POS Encapsulation Types 336
- Figure 20-2 RPR Data Frames 337
- Cisco HDLC 338
- POS Framing Modes 339
- Configuring RMON 345
- Chapter 21 Configuring RMON 347
- Clearing of CRC-ALARM 351
- Unwrap Synchronization 352
- Unwrap Synchronization 353
- Bidirectional Errors 354
- User issues 356
- Displaying RMON Status 364
- Displaying RMON Status 366
- Configuring SNMP 367
- SNMP on the ML-Series Card 368
- SNMP Versions 369
- SNMP Manager Functions 369
- SNMP Agent Functions 370
- SNMP Community Strings 370
- Supported MIBs 371
- SNMP Notifications 371
- Disabling the SNMP Agent 373
- Configuring Community Strings 373
- Chapter 22 Configuring SNMP 374
- SNMP Examples 379
- Displaying SNMP Status 380
- G-Series Application 381
- G1K-4 and G1000-4 Comparison 382
- G-Series Example 383
- /SDH Circuits 384
- ONS Node 384
- Point-to-Point Circuit 387
- ONS Node ONS Node 387
- Gigabit Ethernet Ports 391
- E-Series Application 393
- E-Series Modes 394
- Port-Mapped (Linear Mapper) 395
- E-Series VLAN Support 397
- Data Flow 399
- Redundant path (blocked) 401
- Primary path (forwarding) 401
- E-Series Circuit Protection 404
- CE-100T-8 Ethernet Operation 409
- CE-100T-8 Ethernet Features 410
- Figure 24-2 Flow Control 411
- RMON and SNMP Support 414
- Statistics and Counters 414
- CE-100T-8 Pools 419
- CE-100T-8 Pools 420
- Both Port 6 and Port 7 421
- CE-1000-4 Ethernet Operation 425
- CE-1000-4 Ethernet Features 426
- Flow Control 427
- Understanding RPR-IEEE 433
- Advantages of RPR-IEEE 434
- RPR-IEEE Framing Process 435
- RPR-IEEE Framing Process 436
- CTM and RPR-IEEE 438
- Configuring Jumbo Frames 442
- Configuring Protection Timers 444
- Configuring a Span Shutdown 446
- Configuring Keepalive Events 446
- Configuring QoS on RPR-IEEE 449
- Configuring Fairness Weights 451
- Provisioning Card Mode 463
- RI Configuration Example 471
- RI Configuration Example 474
- Command Reference 475
- Appendix A Command Reference 476
- [no] clock auto 477
- interface spr 1 478
- microcode fail system-reload 480
- [no] pos pdi holdoff time 481
- [no] pos report alarm 482
- [no] pos scramble-spe 484
- [no] rpr-ieee ri foreign 487
- [no] rpr-ieee report alarm 498
- Related Commands show int pos 519
- show ons alarm 521
- Related Commands None 551
- [no] shutdown 552
- and the 557
- At the PE1 interface: 558
- At the PE2 interface: 558
- Unsupported CLI Commands 559
- Commands 562
- Configuration Commands 563
- Using Technical Support 567
- Numerics 571
Relacionado con productos y manuales para Software Cisco Systems 15327
Software Cisco Systems SN 5428-2 Manual de usuario
(22 paginas)
(22 paginas)
Software Cisco Systems CSACS3415K9 Manual de usuario
(678 paginas)
(678 paginas)
Software Cisco Systems OL-8155-01 Manual de usuario
(150 paginas)
(150 paginas)
Software Cisco Systems MGX and SES Manual de usuario
(90 paginas)
(90 paginas)
Software Cisco Systems H.323/SIP Guía de usuario
(54 paginas)
(54 paginas)
Software Cisco Systems ESW 500 Manual de usuario
(442 paginas)
(442 paginas)
Software Cisco Systems OL-11390-01 Manual de usuario
(20 paginas)
(20 paginas)
Software Cisco Systems ONS 15327 Manual de usuario
(42 paginas)
(42 paginas)
Software Cisco Systems OL-3995-01 Manual de usuario
(120 paginas)
(120 paginas)
Software Cisco Systems 6500/7600 Manual de usuario
(134 paginas)
(134 paginas)
Software Cisco Systems OL-7029-01 Manual de usuario
(342 paginas)
(342 paginas)
Software Cisco Systems OL-14361-01 Manual de usuario
(28 paginas)
(28 paginas)
Software Cisco Systems N3KC3064TFAL3 Manual de usuario
(164 paginas)
(164 paginas)
Software Cisco Systems 1.4 Manual de usuario
(146 paginas)
(146 paginas)
Software Cisco Systems OL-5385-01 Manual de usuario
(22 paginas)
(22 paginas)
Software Cisco Systems OL-6415-04 Manual de usuario
(188 paginas)
(188 paginas)
Software Cisco Systems OL-10984-01 Manual de usuario
(104 paginas)
(104 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.038 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales