Cisco Systems SN 5428-2 user manual

User manual for the device Cisco Systems SN 5428-2

Device: Cisco Systems SN 5428-2
Category: Saw
Manufacturer: Cisco Systems
Size: 0.35 MB
Added : 6/7/2014
Number of pages: 22
Print the manual

Download

How to use this site?

Our goal is to provide you with a quick access to the content of the user manual for Cisco Systems SN 5428-2. Using the online preview, you can quickly view the contents and go to the page where you will find the solution to your problem with Cisco Systems SN 5428-2.

For your convenience

If looking through the Cisco Systems SN 5428-2 user manual directly on this website is not convenient for you, there are two possible solutions:

  • Full Screen Viewing - to easily view the user manual (without downloading it to your computer), you can use full-screen viewing mode. To start viewing the user manual Cisco Systems SN 5428-2 on full screen, use the button Fullscreen.
  • Downloading to your computer - You can also download the user manual Cisco Systems SN 5428-2 to your computer and keep it in your files. However, if you do not want to take up too much of your disk space, you can always download it in the future from ManualsBase.
Cisco Systems SN 5428-2 User manual - Online PDF
Advertisement
« Page 1 of 22 »
Advertisement
Print version

Many people prefer to read the documents not on the screen, but in the printed version. The option to print the manual has also been provided, and you can use it by clicking the link above - Print the manual. You do not have to print the entire manual Cisco Systems SN 5428-2 but the selected pages only. paper.

Summaries

Below you will find previews of the content of the user manuals presented on the following pages to Cisco Systems SN 5428-2. If you want to quickly view the content of pages found on the following pages of the manual, you can use them.

Abstracts of contents
Summary of the content on the page No. 1


CHAPTER 9
Configuring Authentication
This chapter explains how to configure the authentication portion of Cisco’s authentication,
authorization and accounting (AAA) services on the SN 5428-2 Storage Router and how to configure
Enable, Login and iSCSI authentication, which use AAA services.
The following tasks are covered:
• Prerequisite Tasks, page 9-2
� Using Authentication, page 9-2
� Configuration Tasks, page 9-4
� Configuring Authentication Services, page 9-12
� Creating Named Server Gro

Summary of the content on the page No. 2

Chapter 9 Configuring Authentication Prerequisite Tasks Prerequisite Tasks Before performing AAA configuration tasks on the storage router, make sure you have configured system parameters as described in Chapter 2, “First-Time Configuration,” or Chapter 3, “Configuring System Parameters.” If the storage router is deployed for SCSI routing, you should also configure SCSI routing instances as described in Chapter 6, “Configuring SCSI Routing,” before proceeding. See the iSCSI driver rea

Summary of the content on the page No. 3

Chapter 9 Configuring Authentication Using Authentication Enable Authentication When configured, a user enters password information each time the CLI enable command is entered from the management console, or from a Telnet or SSH management session. If the storage router is configured to allow FTP access, Enable authentication also authenticates users attempting to login and establish an FTP session with the storage router. Using RADIUS Security Servers Because the enable command does n

Summary of the content on the page No. 4

Chapter 9 Configuring Authentication Configuration Tasks Table 9-1 Authentication Services (continued) Authentication Service Description Authentication Types Local or Uses a local username database on the storage router Login and iSCSI Local-case for authentication. Local-case indicates that the user authentication only name authentication is case-sensitive. Passwords authentication is always case-sensitive. Enable Uses the Administrator mode password configured for Enable and Login

Summary of the content on the page No. 5

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-1 iSCSI Authentication Configuration Elements Remote RADIUS servers Remote TACACS+ servers Username database user password user password user password When iSCSI authentication is user password enabled, the SCSI routing user password instance passes the user name user password . . . . . . . . and password from the iSCSI . . . . . . . . driver to AAA for authentication. AAA uses the specified local

Summary of the content on the page No. 6

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-2 iSCSI Authentication Example Configuration Remote TACACS+ servers IP 10.7.0.22 IP 10.7.0 41 IP 10.7.0.45 group janus Global Key: tacacs123SN Username database Remote RADIUS servers IP 10.5.0.61 IP 10.6.0.53 Global Key: rad123SN labserver foo labserver2 foo2 local or RADIUS TACACS+ local-case Authentication services list: webservices2 local group janus group tacacs+ AAA authentication services SCSI routing instance:

Summary of the content on the page No. 7

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-3 illustrates AAA configuration elements used for Enable authentication with RADIUS servers, Figure 9-4 illustrates AAA configuration elements used for Enable authentication with TACACS+ servers, and Figure 9-5 illustrates the example configuration of Enable authentication and the authentication services used in this chapter. Figure 9-3 Enable Authentication Configuration Elements with RADIUS Servers Remote RADIUS server

Summary of the content on the page No. 8

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-4 Enable Authentication Configuration Elements with TACACS+ Servers Remote TACACS+ servers When Enable authentication is enabled, authentication is required when the user Administrator Monitor attempts Administrator mode password password access via the CLI "enable" command. The user is prompted for a password, which is sent along with the user name entered at login, to AAA for authentication. TACACS+ Enable Monitor If the

Summary of the content on the page No. 9

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-5 Enable Authentication Example Configuration group sysadmin Remote TACACS+ servers IP 10.7.0.22 Administrator password: ciscoadmin IP 10.7.0.41 Global key: tacacs123SN TACACS+ Enable Monitor Authentication services list: group sysadmin user name = ciscouser enable password = ciscoadmin AAA authentication services CLI command session processor SN 5428-2 Storage Router user name = ciscouser password = ciscoadmin Telnet, S

Summary of the content on the page No. 10

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-6 illustrates AAA configuration elements used for Login authentication and Figure 9-7 illustrates the example configuration of Login authentication and the authentication services used in this chapter. Figure 9-6 Login Authentication Configuration Elements Remote TACACS+ servers Remote RADIUS servers Username database user password Monitor Administrator user password When Login authentication is password password user

Summary of the content on the page No. 11

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-7 Login Authentication Example Configuration group sysadmin Remote TACACS+ servers Monitor password: IP 10.7.0.22 ciscomonitor IP 10.7.0.41 Global Key: tacacs123SN local or RADIUS TACACS+ Enable Monitor local-case Authentication services list: group sysadmin monitor AAA authentication services CLI command session processor SN 5428-2 Storage Router user name: sysmonitor password: ciscomonitor Telnet, SSH or console managemen

Summary of the content on the page No. 12

Chapter 9 Configuring Authentication Configuring Authentication Services Configuring Authentication Services Configuring authentication services consists of setting the appropriate parameters for the various AAA service options that can be used by the storage router. The storage router can use any or all of the supported services: � RADIUS � TACACS+ � Local username database � Enable � Monitor Use the procedures that follow to configure the storage router to use each of these services.

Summary of the content on the page No. 13

Chapter 9 Configuring Authentication Configuring Authentication Services TACACS+ Hosts Use the commands in the following procedure to configure TACACS+ authentication services. Command Description Step 1 enable Enter Administrator mode. Step 2 tacacs-server host 10.7.0.22 Specify the TACACS+ servers to be used for authentication. For example, specify the TACACS+ servers at 10.7.0.22, 10.7.0.41, tacacs-server host 10.7.0.41 and 10.7.0.45 for use by the storage router. Because no port is

Summary of the content on the page No. 14

Chapter 9 Configuring Authentication Configuring Authentication Services The following rules apply to passwords: � Passwords are entered in clear text. However, they are changed to “XXXXX” in the CLI command history cache, and are stored in the local username database in an encrypted format. � If the password contains embedded spaces, enclose it with single or double quotes. � After initial entry, passwords display in their encrypted format. Use the show aaa command to display the local

Summary of the content on the page No. 15

Chapter 9 Configuring Authentication Creating Named Server Groups Creating Named Server Groups By default, you can use all configured RADIUS or TACACS+ servers for authentication. All configured RADIUS servers belong to the default group named radius. All configured TACACS+ servers belong to the default group named tacacs+. You can also create named groups of RADIUS or TACACS+ servers, to be used for specific authentication purposes. For example, you can use a subset of all configured

Summary of the content on the page No. 16

Chapter 9 Configuring Authentication Creating Authentication Lists Command Description Step 3 aaa group server tacacs+ Add a TACACS+ server to the named group. For example, add the sysadmin server 10.7.0.22 TACACS+ server at IP address 10.7.0.22 to the group named sysadmin. Because no port is specified, authentication requests to this server use the default port 49. Servers are accessed in the order in which they are defined within the named group. Step 4 aaa group server tacacs+ Add

Summary of the content on the page No. 17

Chapter 9 Configuring Authentication Creating Authentication Lists Enable authentication Use the commands in the following procedure to build a default list of authentication services to be used for Enable authentication. Building the default list completes the configuration of Enable authentication and makes it immediately effective. Command Description Step 1 enable Enter Administrator mode. Step 2 aaa authentication enable Create a default list of authentication services for Enable

Summary of the content on the page No. 18

Chapter 9 Configuring Authentication Testing Authentication Testing Authentication You can perform authentication testing at any time. For example, before enabling iSCSI authentication for a SCSI routing instance, you can test iSCSI authentication. The user name and password are passed to AAA, which performs authentication using the specified iSCSI authentication list. The command response indicates a pass or fail status. iSCSI Authentication Use the commands in the following procedur

Summary of the content on the page No. 19

Chapter 9 Configuring Authentication Configuring Two-Way Authentication Login Authentication Use the commands in the following procedure to test Login authentication. Command Description Step 1 enable Enter Administrator mode. Step 2 aaa test authentication login Test the user name and password configured for Monitor mode default sysmonitor ciscomonitor access to the storage router. AAA uses the services in the default authentication list (Example 9-3). Example 9-3 Testing Login Authent

Summary of the content on the page No. 20

Chapter 9 Configuring Authentication Enabling iSCSI Authentication Enabling iSCSI Authentication iSCSI authentication is enabled for specific SCSI routing instances. By default, iSCSI authentication is not enabled. Use the commands in the following procedure to enable iSCSI authentication using the authentication services configured in the specified authentication list. Command Description Step 1 enable Enter Administrator mode. Step 2 scsirouter zeus authentication Enable authenticatio


Alternative user manuals
# User manual Category Download
1 Cisco Systems SN 5428-2 User manual Network Router 0
2 Cisco Systems SN 5428-2 User manual Network Router 0
3 Cisco Systems Cisco 1801 User manual Saw 10
4 Cisco Systems 2691 User manual Saw 2
5 Cisco Systems Cisco 1802 User manual Saw 0
6 Cisco Systems NME-WAE User manual Saw 1
7 Cisco Systems MC-607 User manual Saw 0
8 Cisco Systems Cisco 1803 User manual Saw 0
9 Cisco Systems OL-6426-02 User manual Saw 0
10 Cisco Systems 78-16409-03 User manual Saw 0
11 Cisco Systems 815 User manual Saw 0
12 Cisco Systems OL-7469-04 User manual Saw 1
13 Cisco Systems PS 300 EQ User manual Saw 0
14 Cisco Systems PSB 300 EQ User manual Saw 0
15 Cisco Systems Cisco 3600 Series Hardware OL-2056-02 User manual Saw 0
16 Sony XS-L12S User manual Saw 8
17 Sony XS-L10S User manual Saw 1
18 3Com 3CRWDR200A-75 User manual Saw 6
19 Agilent Technologies 16193A User manual Saw 4
20 Aiphone AP-10M User manual Saw 1