EasyManuals Logo

ELTEX ESR Series User Manual

ELTEX ESR Series
575 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #94 background imageLoading...
Page #94 background image
ESR-Series. User manual
94
7.4.1 Recommendations
It is recommended to use a role-based access model on the device.
It is recommended to use personal accounts to authenticate on the device.
It is recommended to enable logging of commands entered by the user.
It is recommended to use several authentication methods for logging in to devices via console, remote
login to devices and privilege escalation. A combination of RADIUS/TACACS/LDAP authentication and
local authentication is considered optimal.
It is recommended to lower the built-in admin account privileges to 1.
It is recommended to configure logging of changes of local accounts.
It is recommended to configure AAA policy change logging.
7.4.2 Warnings
The built-in admin account cannot be deleted.
The no username admin command does not remove the admin user, it resets his configuration to
defaults. After applying this command, the admin user will not appear in the configuration.
The no password command for the admin user also does not remove the admin user's password, but
resets it to its default value. After applying this command, the admin user password is no longer
displayed in the configuration and becomes 'password'.
Attention! You must have a user with privilege level 15 or an ENABLE password configured before you
can set the admin user to downgrade privileges.
7.4.3 Configuration example
Objective:
Configure AAA policy:
Use RADIUS authentication for remote login via SSH.
Use RADIUS authentication for local console login, use local authentication if there is no connection to
RADIUS servers.
Use ENABLE password set via RADIUS, if there is no connection to RADIUS servers, use local ENABLE
password.
Set the admin user to a reduced privilege level.
Configure logging of changes of local accounts.
Configure AAA policy changes logging.
Configure the logging of entered commands.
Solution:
Create a local-operator user with privilege level 8:
esr(config)# username local-operator
esr(config-user)# password Pa$$w0rd1
esr(config-user)# privilege 8
esr(config-user)# exit
Set local ENABLE password:
esr(config)# enable password $6e5c4r3e2t!
Lower the privileges of the admin user:

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the ELTEX ESR Series and is the answer not in the manual?

ELTEX ESR Series Specifications

General IconGeneral
ModelESR Series
CategoryNetwork Router
ManufacturerELTEX
ManagementWeb interface, CLI, SNMP
Operating Temperature0°C to 40°C
DimensionsVaries by model
WeightVaries by model
Routing ProtocolsOSPF, BGP
WAN InterfacesEthernet, SFP
LAN InterfacesEthernet, SFP
VPN SupportIPsec, L2TP, PPTP
FirewallStateful packet inspection, ACLs
Power over Ethernet (PoE)Available on some models
QoSTraffic prioritization

Related product manuals