User’s Guide FUJITSU PSWITCH
December/2018 101
3.1.4.5. DHCP Server
This feature only supported IPv6. Stateful server functionality to assign IPv6
addresses dynamically to DHCPv6 stateful clients (prefix delegation clients and end
host clients) based on the Client DUID in compliance with RFC 3315.
DHCPv6 incorporates the notion of the stateless server, where DHCPv6 is not used
for IP address assignment to a client; rather it only provides other networking
information such as DNS, NTP, and/or SIP information. The stateless server
behavior is described by RFC 3736, which simply contains descriptions of the
portions of RFC 3315 that are necessary for stateless server behavior.
3.1.5. Security & AAA
3.1.5.1. User Management
A valid user name and password combination is required to access the switch
management interface. A valid user can be defined on the switch locally or a
Remote Authentication Server (RAS). The switch can be used with RADIUS, TACACS+,
and LDAP servers as the authentication server.
The system supports three privilege levels, 0, 1, and 15 for both users and
commands, where level 15 has the highest authority. User level 0 blocks all the
access, which is convenient to shut out a user from the switch tentatively not
deleting its definition. The default user level is 15.
The default CLI command level is 0. Therefore, any user who login successfully can
executes the commands. The per-command authorization is available using
TACACS+ and RADIUS.
3.1.5.2. Accounting
User activities, such as login, logout, and command execution, on the switch can
be monitored and sent to an external AAA server. TACACS+ and RADIUS can be the
AAA server. TACACS+ supports Command and Exec accounting method, and RADIUS
supports user exec sessions and 802.1X sessions.
To Next Page
Loading...
Need help?
General
