HP 12500 Series Configuration Manual page 7

IKE configuration example ·········································································································································· 204
Troubleshooting IKE ····················································································································································· 205
Invalid user ID ······················································································································································ 206
Proposal mismatch ·············································································································································· 206
Failing to establish an IPsec tunnel ···················································································································· 206
ACL configuration error ······································································································································ 207
Configuring SSH ····················································································································································· 208
Overview ······································································································································································· 208
SSH operation ····················································································································································· 208
SSH authentication ·············································································································································· 209
SSH support for MPLS L3VPN ···························································································································· 210
FIPS compliance ··························································································································································· 210
Configuring the device as an SSH server ·················································································································· 210
SSH server configuration task list ······················································································································ 210
Generating local DSA or RSA key pairs ··········································································································· 211
Enabling the SSH server function ······················································································································· 211
Enabling the SFTP server function ······················································································································ 212
Configuring the user interfaces for SSH clients ································································································ 212
Configuring a client's host public key ··············································································································· 212
Configuring an SSH user ···································································································································· 214
Setting the SSH management parameters ········································································································ 215
Configuring the device as an Stelnet client ··············································································································· 216
Stelnet client configuration task list ···················································································································· 216
Specifying a source IP address or source interface for the Stelnet client ······················································ 216
Enabling and disabling first-time authentication ······························································································ 217
Establishing a connection to an Stelnet server ································································································· 217
Configuring the device as an SFTP client ·················································································································· 218
SFTP client configuration task list ······················································································································· 218
Specifying a source IP address or source interface for the SFTP client ························································· 218
Establishing a connection to an SFTP server ···································································································· 219
Working with SFTP directories ··························································································································· 219
Working with SFTP files ······································································································································ 220
Displaying help information ······························································································································· 221
Terminating the connection with the SFTP server ····························································································· 221
Configuring the device as an SCP client ··················································································································· 221
SCP client configuration task list ························································································································ 221
Transferring files with an SCP server ················································································································· 221
Displaying and maintaining SSH ······························································································································· 222
Stelnet configuration examples ··································································································································· 222
Password authentication enabled Stelnet server configuration example ······················································ 223
Publickey authentication enabled Stelnet server configuration example ······················································· 225
Password authentication enabled Stelnet client configuration example ························································ 230
Publickey authentication enabled Stelnet client configuration example ························································ 233
SFTP configuration examples ······································································································································ 235
Password authentication enabled SFTP server configuration example ·························································· 235
Publickey authentication enabled SFTP client configuration example ··························································· 237
File transfer with password authentication ······································································································· 241
Configuring blacklist ··············································································································································· 243
Overview ······································································································································································· 243
Configuring the blacklist function ······························································································································· 243
Displaying and maintaining the blacklist ·················································································································· 244
Blacklist configuration example ·································································································································· 244
Network requirements ········································································································································· 244
v