EasyManuals Logo

ELTEX ESR Series User Manual

ELTEX ESR Series
575 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #95 background imageLoading...
Page #95 background image
ESR-Series. User manual
95
esr(config)# username admin
esr(config-user)# privilege 1
esr(config-user)# exit
Configure the connection to the two RADIUS servers, the primary 192.168.1.11 and the backup 192.168.2.12:
esr(config)# radius-server host 192.168.1.11
esr(config-radius-server)# key ascii-text encrypted 8CB5107EA7005AFF
esr(config-radius-server)# priority 100 esr(config-radius-server)# exit
esr(config)# radius-server host 192.168.2.12
esr(config-radius-server)# key ascii-text encrypted 8CB5107EA7005AFF
esr(config-radius-server)# priority 150
esr(config-radius-server)# exit
Configure AAA policy:
esr(config)# aaa authentication login CONSOLE radius local
esr(config)# aaa authentication login SSH radius
esr(config)# aaa authentication enable default radius enable
esr(config)# aaa authentication mode break
esr(config)# line console
esr(config-line-console)# login authentication CONSOLE
esr(config-line-console)# exit esr(config)# line ssh
esr(config-line-ssh)# login authentication SSH
esr(config-line-ssh)# exit
Configure logging:
esr(config)# logging userinfo
esr(config)# logging aaa
esr(config)#syslog cli-commands
7.5 Remote management configuration
For more information on remote access configuration commands, see SSH, Telnet access configuration in the
CLI command reference.
7.5.1 Recommendations
It is recommended to disable remote control via telnet.
It is recommended to generate new cryptographic keys.
It is recommended to use crypto-resistant sha2-256, sha2-512 authentication algorithms and disable all
others.
It is recommended to use crypto-resistant aes256, aes256ctr encryption algorithms and disable all
others.
It is recommended to use dh-group-exchange-sha256 crypto-proof encryption key exchange algorithm
and disable all others.
It is recommended to allow access to remote control of the device only from certain IP addresses. 
7.5.2 Configuration example
Objective:

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the ELTEX ESR Series and is the answer not in the manual?

ELTEX ESR Series Specifications

General IconGeneral
ModelESR Series
CategoryNetwork Router
ManufacturerELTEX
ManagementWeb interface, CLI, SNMP
Operating Temperature0°C to 40°C
DimensionsVaries by model
WeightVaries by model
Routing ProtocolsOSPF, BGP
WAN InterfacesEthernet, SFP
LAN InterfacesEthernet, SFP
VPN SupportIPsec, L2TP, PPTP
FirewallStateful packet inspection, ACLs
Power over Ethernet (PoE)Available on some models
QoSTraffic prioritization

Related product manuals