HP 10500 Series Configuration Manual page 361
Security configuration guide
Hide thumbs
Also See for 10500 Series:
- Security configuration manual (596 pages) ,
- Configuration manual (512 pages) ,
- Specifications (42 pages)
Table of Contents
Advertisement
ARP
attack
protection
configuration, 259
ARP restricted forwarding configuration, 262
auto-mode MFF in ring network configuration, 278
auto-mode MFF in tree network configuration, 277
enabling ARP attack protection black hole routing,
252
IPv6 ND attack defense configuration, 266
manual-mode MFF in ring network configuration,
282
manual-mode MFF in tree network configuration,
280
MFF configuration, 273, 275, 277
port security autoLearn configuration, 176
port security configuration, 166, 176
port
security
macAddressElseUserLoginSecure
configuration, 183
port security userLoginWithOUI configuration, 178
URPF configuration, 268, 271, 272
verifying 802.1X configuration, 100
RR (ICMPv6 redirect message), 266
RS (ICMPv6 router solicitation message), 266
rule
configuring a portal-free rule, 134
setting rule timer (EAD fast deployment), 107
SA
IKE configuration, 315
IKE functions, 316
IKE keepalive interval, 321
IKE keepalive timeout, 321
IKE NAT keepalive timer, 321
IKE negotiation, 315
IKE operation, 315
saving host public key to a file, 193
scheme
AAA configuration, 16
configuring (HWTACACS), 32
configuring RADIUS, 20
configuring RADIUS accounting-on, 29
creating (RADIUS), 21
setting RADIUS shared keys, 23
specifying RADIUS scheme VPN, 23
SCP
configuring device as SSH SCP client, 215
transferring files with an SCP server, 216
secure
mode (port security MAC address learning), 168
shell. See SSH
security
AAA configuration, 1
applying IPsec policy, 309
user
validity
check
authentication and encryption algorithms (IPsec),
301
check function (portal authentication), 124
conditional self-test, 295
configuring ACL for IPsec, 303
configuring IPsec, 302
configuring IPsec anti-replay, 310
configuring IPsec policy using IKE, 307
configuring IPsec session idle timeout, 309
configuring IPsec transform set, 304
configuring IPsec tunnel using IKE, 312
configuring manual IPsec policy, 305
configuring packet information pre-extraction for
IPsec, 31 1
configuring portal detection functions, 139
configuring portal server detection functions, 139
data authentication, 315
DH algorithm, 315
displaying and maintaining IPsec, 312
EAD fast deployment configuration, 106, 108
enabling ACL checking for de-encapsulated IPsec
packets, 310
enabling FIPS mode, 296
enabling invalid SPI recovery, 31 1
FIPS configuration, 295, 296, 297
FIPS self-test, 295
IKE configuration, 315
IKE mechanism, 315
implementing ACL-based IPsec, 302
IPsec basic concepts, 299
IPsec configuration, 299
IPsec encapsulation modes, 300
IPsec protocols, 299
IPsec SA, 300
IPsec SA setup modes, 301
IPsec tunnel, 301
known-answer test, 295
mechanism (RADIUS), 2
password control configuration, 284, 286, 292
password control enable, 287
password control global parameters, 288
password control local user parameters, 290
password control user group parameters, 289
PFS feature, 315
policy server (portal authentication), 125
port configuration, 166, 176
port security autoLearn configuration, 176
port
security
configuration, 183
port security userLoginWithOUI configuration, 178
power-up self-test, 295
351
macAddressElseUserLoginSecure
Advertisement
Table of Contents
Troubleshooting
