Home » HP Manuals » Repeaters & Transceivers » HP GbE2c » Manual Viewer

HP GbE2c HP GbE2c Ethernet Blade Switch for c-Class BladeSystem ISCLI Referenc - Page 84

RADIUS server configuration, no] radius-server primary-host - ethernet blade switch default password

UPC - 808736802215

Add to My Manuals
Save this manual to your list of manuals

Page 84 highlights

Table 77 SSHD Configuration commands Command Description ssh generate-server-key Generates the RSA server key. The switch creates this key automatically while configuring the switch with Secure Shell (SSH). You can generate the key manually by using this command if you need to overwrite the key for security reasons. The command will take effect immediately. Command mode: Global configuration ssh port Sets the SSH server port number. Command mode: Global configuration ssh scp-enable Enables the SCP apply and save. Command mode: Global configuration no ssh scp-enable Disables the SCP apply and save. This is the default for SCP. Command mode: Global configuration ssh enable Enables the SSH server. Command mode: Global configuration no ssh enable Disables the SSH server. This is the default for the SSH server. Command mode: Global configuration show ssh Displays the current SSH server configuration. Command mode: All RADIUS server configuration NOTE: See the HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Application Guide for information on RADIUS. The following table describes the RADIUS Server Configuration commands. Table 78 RADIUS Server Configuration commands Command [no] radius-server primary-host key [no] radius-server secondaryhost key radius-server port radius-server retransmit radius-server timeout [no] radius-server telnetbackdoor [no] radius-server securebackdoor Description Sets the primary RADIUS server address and shared secret between the switch and the RADIUS server(s). Command mode: Global configuration Sets the secondary RADIUS server address and shared secret between the switch and the RADIUS server(s). Command mode: Global configuration Enter the number of the User Datagram Protocol (UDP) port to be configured, between 1500-3000. The default is 1645. Command mode: Global configuration Sets the number of failed authentication requests before switching to a different RADIUS server. The range is 1-3 requests. The default is 3 requests. Command mode: Global configuration Sets the amount of time, in seconds, before a RADIUS server authentication attempt is considered to have failed. The range is 1-10 seconds. The default is 3 seconds. Command mode: Global configuration Enables or disables the RADIUS back door for telnet/SSH/ HTTP/HTTPS. This command does not apply when secure backdoor is enabled. Command mode: Global configuration Enables or disables the RADIUS back door using secure password for telnet/SSH/ HTTP/HTTPS. This command does not apply when backdoor (telnet) is enabled. Command mode: Global configuration Configuration Commands 84

Section	Page
HP GbE2c Ethernet Blade Switch for c-Class BladeSystem ISCLI Reference Guide	1
Notice	2
Contents	3
ISCLI Reference	8
Introduction	8
Additional references	8
Connecting to the switch	8
Establishing a console connection	8
Setting an IP address	9
Establishing a Telnet connection	9
Establishing an SSH connection	9
Accessing the switch	10
Idle timeout	11
Typographical conventions	11
ISCLI basics	13
Introduction	13
Accessing the ISCLI	13
ISCLI Command Modes	13
Global commands	14
Command line interface shortcuts	15
Command abbreviation	15
Tab completion	15
Information Commands	16
Introduction	16
System Information commands	17
SNMPv3 Information commands	17
SNMPv3 USM User Table information	18
SNMPv3 View Table information	18
SNMPv3 Access Table information	19
SNMPv3 Group Table information	20
SNMPv3 Community Table information	20
SNMPv3 Target Address Table information	21
SNMPv3 Target Parameters Table information	21
SNMPv3 Notify Table information	22
SNMPv3 dump	23
System information	24
Show recent syslog messages	25
System user information	25
Layer 2 information	26
FDB information commands	27
Show all FDB information	28
Clearing entries from the forwarding database	28
Link Aggregation Control Protocol information	28
LACP dump	29
802.1x information	30
Spanning Tree information	31
Rapid Spanning Tree and Multiple Spanning Tree information	33
Common Internal Spanning Tree information	35
Trunk group information	36
VLAN information	37
Layer 3 information	38
Route information	38
Show all IP Route information	39
ARP information	40
Show all ARP entry information	40
ARP address list information	41
OSPF information	41
OSPF general information	42
OSPF interface information	42
OSPF Database information	43
OSPF route codes information	44
Routing Information Protocol	44
RIP Routes information	44
RIP user configuration	45
IP information	45
IGMP multicast group information	45
IGMP multicast router port information	46
VRRP information	46
802.1p information	47
ACL information	48
RMON Information	48
RMON history information	48
RMON alarm information	49
RMON event information	50
Link status information	51
Port information	52
Logical Port to GEA Port mapping	53
Uplink Failure Detection information	53
Information dump	54
Statistics commands	55
Introduction	55
Port Statistics	55
802.1x statistics	56
Bridging statistics	58
Ethernet statistics	58
Interface statistics	60
Internet Protocol (IP) statistics	61
Link statistics	62
Layer 2 statistics	62
FDB statistics	62
LACP statistics	63
Layer 3 statistics	63
IP statistics	64
Route statistics	65
ARP statistics	65
DNS statistics	65
ICMP statistics	66
TCP statistics	67
UDP statistics	68
IGMP Multicast Group statistics	68
OSPF statistics	69
OSPF global statistics	70
VRRP statistics	72
RIP statistics	73
GEA Layer 3 statistics	73
GEA Layer 3 statistics	74
Management Processor statistics	74
Packet statistics	74
TCP statistics	75
UDP statistics	75
CPU statistics	76
ACL statistics	76
SNMP statistics	76
NTP statistics	79
Uplink Failure Detection statistics	79
Statistics dump	80
Configuration Commands	81
Introduction	81
Viewing and saving changes	81
Saving the configuration	81
System configuration	81
System host log configuration	82
Secure Shell Server configuration	83
RADIUS server configuration	84
TACACS+ server configuration	85
NTP server configuration	86
System SNMP configuration	87
SNMPv3 configuration	88
User Security Model configuration	89
SNMPv3 View configuration	90
View-based Access Control Model configuration	90
SNMPv3 Group configuration	91
SNMPv3 Community Table configuration	91
SNMPv3 Target Address Table configuration	92
SNMPv3 Target Parameters Table configuration	92
SNMPv3 Notify Table configuration	93
System Access configuration	93
Management Networks configuration	94
User Access Control configuration	94
User ID configuration	95
HTTPS Access configuration	95
Port configuration	96
Temporarily disabling a port	97
Port link configuration	97
ACL Port configuration	98
Layer 2 configuration	98
802.1x configuration	98
802.1x Global configuration	99
802.1x Port configuration	100
Rapid Spanning Tree Protocol / Multiple Spanning Tree Protocol configuration	101
Common Internal Spanning Tree configuration	102
CIST bridge configuration	102
CIST port configuration	103
Spanning Tree configuration	104
Bridge Spanning Tree configuration	104
Spanning Tree port configuration	105
Forwarding Database configuration	106
Static FDB configuration	107
Trunk configuration	107
Layer 2 IP Trunk Hash configuration	108
Link Aggregation Control Protocol configuration	108
LACP Port configuration	109
VLAN configuration	109
Layer 3 configuration	110
IP interface configuration	110
Default Gateway configuration	111
IP Static Route configuration	112
Address Resolution Protocol configuration	112
IP Forwarding configuration	112
Network Filter configuration	113
Route Map configuration	113
IP Access List configuration	114
Autonomous System Path configuration	115
Routing Information Protocol configuration	115
RIP Interface configuration	115
RIP Route Redistribution configuration	117
Open Shortest Path First configuration	117
OSFP Area Index configuration	118
OSPF Summary Range configuration	119
OSPF Interface configuration	119
OSPF Virtual Link configuration	120
OSPF Host Entry configuration	121
OSPF Route Redistribution configuration	121
OSPF MD5 Key configuration	122
IGMP configuration	122
IGMP snooping configuration	122
IGMP static multicast router configuration	123
IGMP filtering configuration	124
IGMP filter definition	124
IGMP filtering port configuration	124
Domain Name System configuration	125
Bootstrap Protocol Relay configuration	125
Virtual Router Redundancy Protocol configuration	126
VRRP Virtual Router configuration	126
VRRP Virtual Router Priority Tracking configuration	127
VRRP Virtual Router Group configuration	128
VRRP Virtual Router Group Priority Tracking configuration	129
VRRP Interface configuration	130
VRRP Tracking configuration	130
Quality of Service configuration	131
QoS 802.1p configuration	131
Access Control configuration	131
Access Control List configuration	131
ACL Ethernet Filter configuration	132
ACL IP Version 4 Filter configuration	132
ACL TCP/UDP Filter configuration	133
ACL Packet Format configuration	133
ACL Metering configuration	134
ACL Re-mark configuration	134
ACL Re-mark In-Profile configuration	134
Re-Mark Update User Priority configuration	135
ACL Re-mark Out-of-Profile configuration	135
ACL Group configuration	135
Remote Monitoring configuration	136
RMON history configuration	136
RMON event configuration	136
RMON alarm configuration	137
Port mirroring	138
Port-based port mirroring	138
Uplink Failure Detection configuration	139
Failure Detection Pair configuration	139
Link to Monitor configuration	139
Link to Disable configuration	140
Configuration Dump	140
Saving the active switch configuration	140
Restoring the active switch configuration	140
Operations Commands	141
Introduction	141
Operations-level port options	141
Operations-level port 802.1x options	141
Operations-level VRRP options	142
Boot Options	143
Introduction	143
Updating the switch software image	143
Downloading new software to the switch	143
Selecting a software image to run	144
Uploading a software image from the switch	144
Selecting a configuration block	145
Resetting the switch	146
Accessing the AOS CLI	146
Maintenance Commands	147
Introduction	147
System maintenance	147
Forwarding Database maintenance	147
Debugging options	148
ARP cache maintenance	148
IGMP Snooping maintenance	149
IGMP Mrouter maintenance	149
Uuencode flash dump	149
FTP/TFTP system dump put	150
Clearing dump information	150
Panic command	150
Unscheduled system dumps	151

Match case Limit results 1 per page

Configuration Commands 84

Table 77

SSHD Configuration commands

Command

Description

ssh generate-server-key

Generates the RSA server key. The switch creates this key automatically while

configuring the switch with Secure Shell (SSH). You can generate the key manually

by using this command if you need to overwrite the key for security reasons. The

command will take effect immediately.

Command mode

: Global configuration

ssh port

Sets the SSH server port number.

Command mode

: Global configuration

ssh scp-enable

Enables the SCP apply and save.

Command mode

: Global configuration

no ssh scp-enable

Disables the SCP apply and save. This is the default for SCP.

Command mode

: Global configuration

ssh enable

Enables the SSH server.

Command mode

: Global configuration

no ssh enable

Disables the SSH server. This is the default for the SSH server.

Command mode

: Global configuration

show ssh

Displays the current SSH server configuration.

Command mode

: All

RADIUS server configuration

NOTE:

See the

HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Application Guide

for information on

RADIUS.

The following table describes the RADIUS Server Configuration commands.

Table 78

RADIUS Server Configuration commands

Command

Description

[no] radius-server primary-host

key

<1-32

characters>

Sets the primary RADIUS server address and shared secret between the

switch and the RADIUS server(s).

Command mode

: Global configuration

[no] radius-server secondary-

host

key

<1-32

characters>

Sets the secondary RADIUS server address and shared secret between the

switch and the RADIUS server(s).

Command mode

: Global configuration

radius-server port

<UDP port

number>

Enter the number of the User Datagram Protocol (UDP) port to be

configured, between 1500-3000. The default is 1645.

Command mode

: Global configuration

radius-server retransmit

<1-3>

Sets the number of failed authentication requests before switching to a

different RADIUS server. The range is 1-3 requests. The default is 3

requests.

Command mode

: Global configuration

radius-server timeout

<1-10>

Sets the amount of time, in seconds, before a RADIUS server

authentication attempt is considered to have failed. The range is 1-10

seconds. The default is 3 seconds.

Command mode

: Global configuration

[no] radius-server telnet-

backdoor

Enables or disables the RADIUS back door for telnet/SSH/ HTTP/HTTPS.

This command does not apply when secure backdoor is enabled.

Command mode

: Global configuration

[no] radius-server secure-

backdoor

Enables or disables the RADIUS back door using secure password for

telnet/SSH/ HTTP/HTTPS. This command does not apply when backdoor

(

telnet

) is enabled.

Command mode

: Global configuration