Cisco Systems 15327 Manual do Utilizador Página 316
- Página / 584
- Índice
- MARCADORES
Avaliado. / 5. Com base em avaliações de clientes
19-4
Ethernet Card Software Feature and Configuration Guide, R7.2
January 2009
Chapter 19 Configuring Security for the ML-Series Card
Configuring SSH
To delete the RSA key pair, use the crypto key zeroize rsa global configuration command. After the
RSA key pair is deleted, the SSH server is automatically disabled.
Configuring the SSH Server
Beginning in privileged EXEC mode, follow these steps to configure the SSH server:
Command Purpose
Step 1
Router #configure terminal
Enter global configuration mode.
Step 2
Router (config)# hostname hostname
Configure a hostname for your ML-Series card.
Step 3
Router (config)# ip domain-name
domain_name
Configure a host domain for your ML-Series card.
Step 4
Router (config)# crypto key generate
rsa
Enable the SSH server for local and remote authentication on the
ML-Series card and generate an RSA key pair.
When you generate RSA keys, you are prompted to enter a modulus
length. The default modulus length is 512 bits. A longer modulus length
might be more secure, but it takes longer to generate and to use.
Step 5
Router (config)# ip ssh timeout
seconds
Specify the timeout value in seconds; the default is 120 seconds. The
range is 0 to 120 seconds. This parameter applies to the SSH negotiation
phase. After the connection is established, the ML-Series card uses the
default timeout values of the CLI-based sessions.
By default, up to five simultaneous, encrypted SSH connections for
multiple CLI-based sessions over the network are available (session 0
to session 4). After the execution shell starts, the CLI-based session
timeout value returns to the default of 10 minutes.
Step 6
Router (config)# ip ssh
authentication-retries number
Specify the number of times that a client can reauthenticate to the
server. The default is 3; the range is 0 to 5.
Step 7
Router (config)# end
Return to privileged EXEC mode.
Step 8
Router # show ip ssh
or
Router # show ssh
Displays the version and configuration information for your SSH
server.
Displays the status of the SSH server on the ML-Series card.
Step 9
Router # show crypto key mypubkey
rsa
Displays the generated RSA key pair associated with this ML-Series
card.
Step 10
Router # copy running-config
startup-config
(Optional) Save your entries in the configuration file.
- Configuration Guide 1
- CONTENTS 3
- 5 Configuring POS 5-1 4
- 6 Configuring Bridges 6-1 5
- 8 Configuring VLANs 8-1 6
- 12 Configuring IRB 12-1 8
- Contents 10
- January 2009 10
- 21 Configuring RMON 21-1 13
- 22 Configuring SNMP 22-1 14
- A Command Reference A-1 18
- About this Guide 27
- Document Objectives 28
- Audience 28
- Document Organization 28
- Related Documentation 30
- Document Conventions 31
- Waarschuwing 32
- Varoitus 32
- Attention 32
- Avvertenza 33
- Advarsel 33
- ¡Advertencia! 33
- Varning! 33
- ML-Series Card Overview 39
- ML-Series Feature List 40
- ML-Series Feature List 41
- CTC Operations 45
- Baseline 46
- Auto-Refresh 46
- Chapter 2 CTC Operations 47
- Managing SONET/SDH Alarms 48
- J1 Path Trace 49
- J1 Path Trace 50
- Initial Configuration 51
- Figure 3-1 CTC IOS Window 53
- Node IP address 54
- RJ-45 Cable 56
- RJ-11 to RJ-45 56
- Console Port Adapter Cable 56
- ML1000-2 CONSOLE Port 56
- Startup Configuration File 57
- Passwords 58
- Configuring the Hostname 59
- Multiple Microcode Images 61
- Cisco IOS Command Modes 63
- Using the Command Modes 65
- Getting Help 66
- Configuring Interfaces 67
- MAC Addresses 68
- Interface Port ID 68
- Basic Interface Configuration 69
- Configuration 70
- Chapter 5, “Configuring POS.” 76
- CRC Threshold Configuration 77
- Interfaces 78
- Configuring POS 81
- Chapter 5 Configuring POS 82
- SW-LCAS 83
- Setting the MTU Size 85
- SONET/SDH Alarms 86
- Configuring SONET/SDH Alarms 87
- C2 Byte and Scrambling 88
- Monitoring and Verifying POS 89
- POS Configuration Examples 91
- ML_Series_A 92
- Configuring Bridges 97
- Configuring Basic Bridging 98
- SONET/SDH 99
- IP Routing Mode 101
- No IP Routing Mode 102
- Bridge CRB Mode 103
- Bridge IRB Mode 104
- Chapter 6 Configuring Bridges 106
- Bridge IRB Mode 106
- Configuring STP and RSTP 107
- STP Overview 108
- Supported STP Instances 108
- Bridge Protocol Data Units 108
- Election of the Root Switch 109
- Spanning-Tree Timers 110
- Blocking State 112
- Listening State 113
- Learning State 113
- Forwarding State 113
- Disabled State 113
- STP and IEEE 802.1Q Trunks 114
- Supported RSTP Instances 115
- Rapid Convergence 116
- Rapid Convergence 117
- Synchronization of Port Roles 118
- Table 7-4 RSTP BPDU Flags 119
- Topology Changes 120
- Disabling STP and RSTP 122
- Configuring the Root Switch 123
- Configuring the Port Priority 123
- Configuring the Path Cost 124
- Configuring the Hello Time 125
- Configuring VLANs 129
- ONS 15454 130
- Chapter 8 Configuring VLANs 134
- Protocol Tunneling 135
- IEEE 802.1Q Example 139
- Figure 9-3 ERMS Example 141
- Configuring Link Aggregation 149
- Configuring EtherChannel 150
- Configuring POS Channel 152
- ML_Series A 154
- ML_Series B 154
- Enabling IP Routing 161
- Configuring IP Routing 162
- Configuring RIP 163
- RIP Authentication 165
- Configuring OSPF 167
- Configuring OSPF 168
- OSPF Interface Parameters 171
- OSPF Area Parameters 172
- Change LSA Group Pacing 176
- Loopback Interface 177
- Monitoring OSPF 177
- Configuring EIGRP 178
- Configuring EIGRP 179
- EIGRP Router Mode Commands 180
- EIGRP Interface Mode Commands 181
- Configuring BGP 185
- Table 11-6 BGP Show Commands 186
- Configuring IS-IS 187
- Configuring Static Routes 189
- Monitoring Static Routes 190
- Configuring IRB 195
- IRB Configuration Example 197
- Monitoring and Verifying IRB 198
- Configuring VRF Lite 201
- vrf-name 207
- Understanding QoS 209
- Ethernet CoS 211
- ML-Series QoS 212
- Policing 213
- Scheduling 214
- Scheduling 215
- Egress Priority Marking 216
- Ingress Priority Marking 216
- Flow Control Pause and QoS 217
- QoS on Cisco Proprietary RPR 218
- Configuring QoS 220
- Creating a Traffic Policy 221
- Configuring CoS-Based QoS 225
- QoS Configuration Examples 226
- ML-Series VoIP Example 229
- ML-Series Policing Example 229
- Router_a 230
- Default Multicast QoS 232
- QoS not Configured on Egress 235
- Understanding IP SLA 239
- IP SLA on the ML-Series 240
- Understanding the SDM 243
- Understanding SDM Regions 243
- Configuring SDM 244
- Monitoring and Verifying SDM 245
- Monitoring and Verifying SDM 246
- Understanding ACLs 247
- ML-Series ACL Support 247
- Named IP ACLs 248
- User Guidelines 248
- Creating IP ACLs 249
- Modifying ACL TCAM Size 251
- Modifying ACL TCAM Size 252
- Role of SONET/SDH Circuits 254
- Packet Handling Operations 254
- Ring Wrapping 255
- Fiber Cut 256
- ML-Series RPR 256
- Ring Wrap 256
- MAC Address and VLAN Support 258
- Cisco Proprietary RPR QoS 259
- ML-Series Card 264
- Access Ports 270
- LFP Sequence 281
- Configuring LFP 282
- Monitoring and Verifying LFP 283
- (mpls) working 284
- Balancing 288
- Understanding EoMPLS 293
- Understanding EoMPLS 294
- EoMPLS Support 295
- EoMPLS Restrictions 295
- EoMPLS Quality of Service 295
- Configuring EoMPLS 296
- EoMPLS Configuration Example 301
- VC Type 5 302
- Understanding MPLS-TE 305
- Configuring MPLS-TE 306
- Configuring an MPLS-TE Tunnel 307
- MPLS-TE Configuration Example 308
- RPRW Alarm 311
- RPRW Alarm 312
- Understanding Security 313
- Understanding SSH 314
- Configuring SSH 315
- Configuring the SSH Server 316
- RADIUS on the ML-Series Card 318
- RADIUS Relay Mode 318
- RADIUS Stand Alone Mode 319
- Understanding RADIUS 320
- Configuring RADIUS 320
- Default RADIUS Configuration 321
- Release 12.2 at: 323
- Defining AAA Server Groups 325
- Starting RADIUS Accounting 328
- POS on ONS Ethernet Cards 333
- POS Interoperability 334
- Encapsulation Type and CRC 335
- POS Encapsulation Types 336
- Figure 20-2 RPR Data Frames 337
- Cisco HDLC 338
- POS Framing Modes 339
- Configuring RMON 345
- Chapter 21 Configuring RMON 347
- Clearing of CRC-ALARM 351
- Unwrap Synchronization 352
- Unwrap Synchronization 353
- Bidirectional Errors 354
- User issues 356
- Displaying RMON Status 364
- Displaying RMON Status 366
- Configuring SNMP 367
- SNMP on the ML-Series Card 368
- SNMP Versions 369
- SNMP Manager Functions 369
- SNMP Agent Functions 370
- SNMP Community Strings 370
- Supported MIBs 371
- SNMP Notifications 371
- Disabling the SNMP Agent 373
- Configuring Community Strings 373
- Chapter 22 Configuring SNMP 374
- SNMP Examples 379
- Displaying SNMP Status 380
- G-Series Application 381
- G1K-4 and G1000-4 Comparison 382
- G-Series Example 383
- /SDH Circuits 384
- ONS Node 384
- Point-to-Point Circuit 387
- ONS Node ONS Node 387
- Gigabit Ethernet Ports 391
- E-Series Application 393
- E-Series Modes 394
- Port-Mapped (Linear Mapper) 395
- E-Series VLAN Support 397
- Data Flow 399
- Redundant path (blocked) 401
- Primary path (forwarding) 401
- E-Series Circuit Protection 404
- CE-100T-8 Ethernet Operation 409
- CE-100T-8 Ethernet Features 410
- Figure 24-2 Flow Control 411
- RMON and SNMP Support 414
- Statistics and Counters 414
- CE-100T-8 Pools 419
- CE-100T-8 Pools 420
- Both Port 6 and Port 7 421
- CE-1000-4 Ethernet Operation 425
- CE-1000-4 Ethernet Features 426
- Flow Control 427
- Understanding RPR-IEEE 433
- Advantages of RPR-IEEE 434
- RPR-IEEE Framing Process 435
- RPR-IEEE Framing Process 436
- CTM and RPR-IEEE 438
- Configuring Jumbo Frames 442
- Configuring Protection Timers 444
- Configuring a Span Shutdown 446
- Configuring Keepalive Events 446
- Configuring QoS on RPR-IEEE 449
- Configuring Fairness Weights 451
- Provisioning Card Mode 463
- RI Configuration Example 471
- RI Configuration Example 474
- Command Reference 475
- Appendix A Command Reference 476
- [no] clock auto 477
- interface spr 1 478
- microcode fail system-reload 480
- [no] pos pdi holdoff time 481
- [no] pos report alarm 482
- [no] pos scramble-spe 484
- [no] rpr-ieee ri foreign 487
- [no] rpr-ieee report alarm 498
- Related Commands show int pos 519
- show ons alarm 521
- Related Commands None 551
- [no] shutdown 552
- and the 557
- At the PE1 interface: 558
- At the PE2 interface: 558
- Unsupported CLI Commands 559
- Commands 562
- Configuration Commands 563
- Using Technical Support 567
- Numerics 571
Manuais e produtos relacionados com Software Cisco Systems 15327
Software Cisco Systems CSACS3415K9 Manual do Utilizador
(678 páginas)
(678 páginas)
Software Cisco Systems OL-8155-01 Manual do Utilizador
(150 páginas)
(150 páginas)
Software Cisco Systems H.323/SIP Guia do Utilizador
(54 páginas)
(54 páginas)
Software Cisco Systems ESW 500 Manual do Utilizador
(442 páginas)
(442 páginas)
Software Cisco Systems OL-3995-01 Manual do Utilizador
(120 páginas)
(120 páginas)
Software Cisco Systems 6500/7600 Manual do Utilizador
(134 páginas)
(134 páginas)
Software Cisco Systems OL-7029-01 Manual do Utilizador
(342 páginas)
(342 páginas)
Software Cisco Systems 1.4 Manual do Utilizador
(146 páginas)
(146 páginas)
Software Cisco Systems OL-6415-04 Manual do Utilizador
(188 páginas)
(188 páginas)
Software Cisco Systems OL-10984-01 Manual do Utilizador
(104 páginas)
(104 páginas)
© 2020, manymanuals-pt.com. Todos os direitos reservados. | 0.096 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentários a estes Manuais