Instruction d'utilisation Cisco Systems SN 5428-2

Instruction d'utilisation pour le dispositif Cisco Systems SN 5428-2

Dispositif: Cisco Systems SN 5428-2
Catégorie: Scie
Fabricant: Cisco Systems
Dimension: 0.35 MB
Date d'addition: 6/7/2014
Nombre des pages: 22
Imprimez l'instruction

Téléchargez

Comment utiliser?

Notre objectif consiste à vous assurer le plus rapide accès au contenu de l'instruction d'utilisation du dispositif Cisco Systems SN 5428-2. En utilisant l'aperçu en ligne vous pouvez parcourir le sommaire et passer à la page où vous trouverez la résolution de votre problème avec Cisco Systems SN 5428-2.

Pour votre confort

Si regarder l'instruction Cisco Systems SN 5428-2 directement sur la page n'est pas confortable pour vous, vous pouvez profiter de deux solutions possibles:

  • Exploration au mode de plein écran - pour analyser l'instruction d'une manière commode (sans l'avoir téléchargée sur votre ordinateur) vous pouvez utiliser le mode d'exploration en plein écran. Pour démarrer l'exploration de l'instruction Cisco Systems SN 5428-2 en plein écran, utilisez le bouton Plein écran.
  • Téléchargement sur l'ordinateur - vous pouvez aussi télécharger l'instruction Cisco Systems SN 5428-2 sur votre ordinateur et la sauvegarder dans vos ressources. Si vous n'avez pas envie de gaspiller votre espace disque, vous pouvez toujours télécharger cette instruction du ManualsBase dans l'avenir.
Cisco Systems SN 5428-2 Manuel d'utilisation - Online PDF
Advertisement
« Page 1 of 22 »
Advertisement
Version imprimée

Beaucoup de gens préfèrent de lire les documents dans la version imprimée et non pas sur l'écran. L'option d'impression de l'instruction est aussi prévue et vous pouvez en profiter en cliquant le lien ci-dessus - Imprimez l'instruction. Il n'est pas nécessaire d'imprimer toute l'instruction Cisco Systems SN 5428-2 - on peut choisir des pages. Economisez le papier.

Résumés

Vous trouverez ci-dessous les annonces des contenus qui se trouvent sur les pages suivantes de l'instruction de Cisco Systems SN 5428-2. Si vous voulez parcourir rapidement le contenu des pages suivantes de l'instruction, vous pouvez en profiter.

Résumés du contenu
Résumé du contenu de la page N° 1


CHAPTER 9
Configuring Authentication
This chapter explains how to configure the authentication portion of Cisco’s authentication,
authorization and accounting (AAA) services on the SN 5428-2 Storage Router and how to configure
Enable, Login and iSCSI authentication, which use AAA services.
The following tasks are covered:
• Prerequisite Tasks, page 9-2
� Using Authentication, page 9-2
� Configuration Tasks, page 9-4
� Configuring Authentication Services, page 9-12
� Creating Named Server Gro

Résumé du contenu de la page N° 2

Chapter 9 Configuring Authentication Prerequisite Tasks Prerequisite Tasks Before performing AAA configuration tasks on the storage router, make sure you have configured system parameters as described in Chapter 2, “First-Time Configuration,” or Chapter 3, “Configuring System Parameters.” If the storage router is deployed for SCSI routing, you should also configure SCSI routing instances as described in Chapter 6, “Configuring SCSI Routing,” before proceeding. See the iSCSI driver rea

Résumé du contenu de la page N° 3

Chapter 9 Configuring Authentication Using Authentication Enable Authentication When configured, a user enters password information each time the CLI enable command is entered from the management console, or from a Telnet or SSH management session. If the storage router is configured to allow FTP access, Enable authentication also authenticates users attempting to login and establish an FTP session with the storage router. Using RADIUS Security Servers Because the enable command does n

Résumé du contenu de la page N° 4

Chapter 9 Configuring Authentication Configuration Tasks Table 9-1 Authentication Services (continued) Authentication Service Description Authentication Types Local or Uses a local username database on the storage router Login and iSCSI Local-case for authentication. Local-case indicates that the user authentication only name authentication is case-sensitive. Passwords authentication is always case-sensitive. Enable Uses the Administrator mode password configured for Enable and Login

Résumé du contenu de la page N° 5

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-1 iSCSI Authentication Configuration Elements Remote RADIUS servers Remote TACACS+ servers Username database user password user password user password When iSCSI authentication is user password enabled, the SCSI routing user password instance passes the user name user password . . . . . . . . and password from the iSCSI . . . . . . . . driver to AAA for authentication. AAA uses the specified local

Résumé du contenu de la page N° 6

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-2 iSCSI Authentication Example Configuration Remote TACACS+ servers IP 10.7.0.22 IP 10.7.0 41 IP 10.7.0.45 group janus Global Key: tacacs123SN Username database Remote RADIUS servers IP 10.5.0.61 IP 10.6.0.53 Global Key: rad123SN labserver foo labserver2 foo2 local or RADIUS TACACS+ local-case Authentication services list: webservices2 local group janus group tacacs+ AAA authentication services SCSI routing instance:

Résumé du contenu de la page N° 7

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-3 illustrates AAA configuration elements used for Enable authentication with RADIUS servers, Figure 9-4 illustrates AAA configuration elements used for Enable authentication with TACACS+ servers, and Figure 9-5 illustrates the example configuration of Enable authentication and the authentication services used in this chapter. Figure 9-3 Enable Authentication Configuration Elements with RADIUS Servers Remote RADIUS server

Résumé du contenu de la page N° 8

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-4 Enable Authentication Configuration Elements with TACACS+ Servers Remote TACACS+ servers When Enable authentication is enabled, authentication is required when the user Administrator Monitor attempts Administrator mode password password access via the CLI "enable" command. The user is prompted for a password, which is sent along with the user name entered at login, to AAA for authentication. TACACS+ Enable Monitor If the

Résumé du contenu de la page N° 9

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-5 Enable Authentication Example Configuration group sysadmin Remote TACACS+ servers IP 10.7.0.22 Administrator password: ciscoadmin IP 10.7.0.41 Global key: tacacs123SN TACACS+ Enable Monitor Authentication services list: group sysadmin user name = ciscouser enable password = ciscoadmin AAA authentication services CLI command session processor SN 5428-2 Storage Router user name = ciscouser password = ciscoadmin Telnet, S

Résumé du contenu de la page N° 10

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-6 illustrates AAA configuration elements used for Login authentication and Figure 9-7 illustrates the example configuration of Login authentication and the authentication services used in this chapter. Figure 9-6 Login Authentication Configuration Elements Remote TACACS+ servers Remote RADIUS servers Username database user password Monitor Administrator user password When Login authentication is password password user

Résumé du contenu de la page N° 11

Chapter 9 Configuring Authentication Configuration Tasks Figure 9-7 Login Authentication Example Configuration group sysadmin Remote TACACS+ servers Monitor password: IP 10.7.0.22 ciscomonitor IP 10.7.0.41 Global Key: tacacs123SN local or RADIUS TACACS+ Enable Monitor local-case Authentication services list: group sysadmin monitor AAA authentication services CLI command session processor SN 5428-2 Storage Router user name: sysmonitor password: ciscomonitor Telnet, SSH or console managemen

Résumé du contenu de la page N° 12

Chapter 9 Configuring Authentication Configuring Authentication Services Configuring Authentication Services Configuring authentication services consists of setting the appropriate parameters for the various AAA service options that can be used by the storage router. The storage router can use any or all of the supported services: � RADIUS � TACACS+ � Local username database � Enable � Monitor Use the procedures that follow to configure the storage router to use each of these services.

Résumé du contenu de la page N° 13

Chapter 9 Configuring Authentication Configuring Authentication Services TACACS+ Hosts Use the commands in the following procedure to configure TACACS+ authentication services. Command Description Step 1 enable Enter Administrator mode. Step 2 tacacs-server host 10.7.0.22 Specify the TACACS+ servers to be used for authentication. For example, specify the TACACS+ servers at 10.7.0.22, 10.7.0.41, tacacs-server host 10.7.0.41 and 10.7.0.45 for use by the storage router. Because no port is

Résumé du contenu de la page N° 14

Chapter 9 Configuring Authentication Configuring Authentication Services The following rules apply to passwords: � Passwords are entered in clear text. However, they are changed to “XXXXX” in the CLI command history cache, and are stored in the local username database in an encrypted format. � If the password contains embedded spaces, enclose it with single or double quotes. � After initial entry, passwords display in their encrypted format. Use the show aaa command to display the local

Résumé du contenu de la page N° 15

Chapter 9 Configuring Authentication Creating Named Server Groups Creating Named Server Groups By default, you can use all configured RADIUS or TACACS+ servers for authentication. All configured RADIUS servers belong to the default group named radius. All configured TACACS+ servers belong to the default group named tacacs+. You can also create named groups of RADIUS or TACACS+ servers, to be used for specific authentication purposes. For example, you can use a subset of all configured

Résumé du contenu de la page N° 16

Chapter 9 Configuring Authentication Creating Authentication Lists Command Description Step 3 aaa group server tacacs+ Add a TACACS+ server to the named group. For example, add the sysadmin server 10.7.0.22 TACACS+ server at IP address 10.7.0.22 to the group named sysadmin. Because no port is specified, authentication requests to this server use the default port 49. Servers are accessed in the order in which they are defined within the named group. Step 4 aaa group server tacacs+ Add

Résumé du contenu de la page N° 17

Chapter 9 Configuring Authentication Creating Authentication Lists Enable authentication Use the commands in the following procedure to build a default list of authentication services to be used for Enable authentication. Building the default list completes the configuration of Enable authentication and makes it immediately effective. Command Description Step 1 enable Enter Administrator mode. Step 2 aaa authentication enable Create a default list of authentication services for Enable

Résumé du contenu de la page N° 18

Chapter 9 Configuring Authentication Testing Authentication Testing Authentication You can perform authentication testing at any time. For example, before enabling iSCSI authentication for a SCSI routing instance, you can test iSCSI authentication. The user name and password are passed to AAA, which performs authentication using the specified iSCSI authentication list. The command response indicates a pass or fail status. iSCSI Authentication Use the commands in the following procedur

Résumé du contenu de la page N° 19

Chapter 9 Configuring Authentication Configuring Two-Way Authentication Login Authentication Use the commands in the following procedure to test Login authentication. Command Description Step 1 enable Enter Administrator mode. Step 2 aaa test authentication login Test the user name and password configured for Monitor mode default sysmonitor ciscomonitor access to the storage router. AAA uses the services in the default authentication list (Example 9-3). Example 9-3 Testing Login Authent

Résumé du contenu de la page N° 20

Chapter 9 Configuring Authentication Enabling iSCSI Authentication Enabling iSCSI Authentication iSCSI authentication is enabled for specific SCSI routing instances. By default, iSCSI authentication is not enabled. Use the commands in the following procedure to enable iSCSI authentication using the authentication services configured in the specified authentication list. Command Description Step 1 enable Enter Administrator mode. Step 2 scsirouter zeus authentication Enable authenticatio


Instructions pareilles
# Instruction d'utilisation Catégorie Téléchargez
1 Cisco Systems SN 5428-2 Manuel d'utilisation Routeur réseau 0
2 Cisco Systems SN 5428-2 Manuel d'utilisation Routeur réseau 0
3 Cisco Systems Cisco 1801 Manuel d'utilisation Scie 10
4 Cisco Systems 2691 Manuel d'utilisation Scie 2
5 Cisco Systems Cisco 1802 Manuel d'utilisation Scie 0
6 Cisco Systems NME-WAE Manuel d'utilisation Scie 1
7 Cisco Systems MC-607 Manuel d'utilisation Scie 0
8 Cisco Systems Cisco 1803 Manuel d'utilisation Scie 0
9 Cisco Systems OL-6426-02 Manuel d'utilisation Scie 0
10 Cisco Systems 78-16409-03 Manuel d'utilisation Scie 0
11 Cisco Systems 815 Manuel d'utilisation Scie 0
12 Cisco Systems OL-7469-04 Manuel d'utilisation Scie 1
13 Cisco Systems PS 300 EQ Manuel d'utilisation Scie 0
14 Cisco Systems PSB 300 EQ Manuel d'utilisation Scie 0
15 Cisco Systems Cisco 3600 Series Hardware OL-2056-02 Manuel d'utilisation Scie 0
16 Sony XS-L12S Manuel d'utilisation Scie 8
17 Sony XS-L10S Manuel d'utilisation Scie 1
18 3Com 3CRWDR200A-75 Manuel d'utilisation Scie 6
19 Agilent Technologies 16193A Manuel d'utilisation Scie 4
20 Aiphone AP-10M Manuel d'utilisation Scie 1