  Controlling SNMP access
    Configuration procedure
    Configuration example
  Configuring command authorization
    Configuration procedure
    Configuration example
  Configuring command accounting
    Configuration procedure
    Configuration example
Configuring RBAC
  Overview
    Permission assignment
    Assigning user roles
  FIPS compliance
  Configuration task list
  Creating user roles
  Configuring user role rules
    Configuration restrictions and guidelines
    Configuration procedure
  Configuring feature groups
  Configuring resource access policies
    Configuring the interface policy of a user role
    Configuring the VLAN policy of a user role
    Configuring the VPN instance policy of a user role
  Assigning user roles
    Enabling the default user role feature
    Assigning user roles to remote AAA authentication users
    Assigning user roles to local AAA authentication users
    Assigning user roles to non-AAA authentication users on user lines
  Configuring temporary user role authorization
    Configuration guidelines
    Configuring user role authentication
    Obtaining temporary user role authorization
  Displaying RBAC settings
  RBAC configuration examples
    RBAC configuration example for local AAA authentication users
    RBAC configuration example for RADIUS authentication users
    RBAC temporary user role authorization configuration example (HWTACACS authentication)
    RBAC temporary user role authorization configuration example (RADIUS authentication)
  Troubleshooting RBAC
    Local users have more access permissions than intended
    Login attempts by RADIUS users always fail
Configuring FTP
  FIPS compliance
  Using the device as an FTP server
    Configuring basic parameters
    Configuring authentication and authorization
    Manually releasing FTP connections
    Displaying and maintaining the FTP server
    FTP server configuration example
  Using the device as an FTP client
    Establishing an FTP connection
    Managing directories on the FTP server
    Working with files on the FTP server
    Changing to another user account
    Maintaining and troubleshooting the FTP connection
    Terminating the FTP connection
    Displaying command help information
    Displaying and maintaining FTP client
    FTP client configuration example