Dell PowerEdge FX2 Dell PowerEdge FN I/O Aggregator Configuration Guide 9.6(0 - Page 175
VTY Line and Access-Class Configuration, VTY Line Local Authentication and Authorization
View all Dell PowerEdge FX2 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 175 highlights
The Telnet server or client is VRF-aware. You can enable a Telnet server or client to listen to a specific VRF by using the vrf vrf-instance-name parameter in the telnet command. This capability enables a Telent server or client to look up the correct routing table and establish a connection. Example of Using Telnet for Remote Login Dell(conf)#ip telnet server enable Dell(conf)#no ip telnet server enable VTY Line and Access-Class Configuration Various methods are available to restrict VTY access in Dell Networking OS. These depend on which authentication scheme you use - line, local, or remote. Table 17. VTY Access Authentication Method VTY access-class support? Username access-class Remote authorization support? support? Line YES NO NO Local NO YES NO TACACS+ YES NO YES (with Dell Networking OS version 5.2.1.0 and later) RADIUS YES NO YES (with Dell Networking OS version 6.1.1.0 and later) Dell Networking OS provides several ways to configure access classes for VTY lines, including: • VTY Line Local Authentication and Authorization • VTY Line Remote Authentication and Authorization VTY Line Local Authentication and Authorization Dell Networking OS retrieves the access class from the local database. To use this feature: 1. Create a username. 2. Enter a password. 3. Assign an access class. 4. Enter a privilege level. You can assign line authentication on a per-VTY basis; it is a simple password authentication, using an access-class as authorization. Configure local authentication globally and configure access classes on a per-user basis. Dell Networking OS can assign different access classes to different users by username. Until users attempt to log in, Dell Networking OS does not know if they will be assigned a VTY line. This means that incoming users always see a login prompt even if you have excluded them from the VTY line with a denyall access class. After users identify themselves, Dell Networking OS retrieves the access class from the Security 175