HP PROCURVE 3400CL-24G User Manual Page 64
- Page / 197
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
54
Enhancements
Release M.10.02 Enhancements
General Steps
These steps suggest a process for using ACLs to establish client access policies. The topics following
this section provide details.
1. Determine the polices you want to enforce for client traffic inbound on the switch.
2. Plan ACLs to execute traffic policies:
• Apply ACLs on a per-client basis where individual clients need different traffic policies
or where each client must have a different username/password pair or will authenticate
using MAC authentication.
• Apply ACLs on a client group basis where all clients in a given group can use the same
traffic policy and the same username/password pair.
3. Configure the ACLs on a RADIUS server accessible to the intended clients.
4. Configure the switch to use the desired RADIUS server and to support the desired client
authentication scheme. Options include 802.1X, Web authentication, or MAC authentication.
(Note that the switch supports the option of simultaneously using 802.1X with either Web or
MAC authentication.)
5. Test client access on the network to ensure that your RADIUS-based ACL application is properly
enforcing your policies.
Determining Traffic Policies
This section assumes that the RADIUS server needed by a client for authentication and ACL
assignments is accessible from any switch that authorized clients may use.
Begin by defining the policies you want an ACL to enforce for a given client or group of clients. This
includes the type of IP traffic permitted or not permitted from the client(s) and the areas of the
network the client(s) are authorized or not authorized to use.
■ What traffic should you permit for the client? In some cases you will need to explicitly identify
permitted traffic. In other cases, depending on your policies, you can insert a permit in ip from
any to any entry at the end of the ACL so that all IP traffic (from the authenticated client) that
is not specifically matched by earlier entries in the list will be permitted. This may be the
best choice for an ACL that begins by defining the inbound client IP traffic that should be
dropped.
■ What traffic must be explicitly blocked for the client or group? This can include requests to
access to “off-limits” subnets, unauthorized access to the internet, access to sensitive data
storage or restricted equipment, and preventing the use of specific TCP or UDP applications
such as Telnet, SSH, and web browser access to the switch.
■ What traffic can be blocked simply by relying on the implicit deny in ip from any to any that is
automatically included at the end of every ACL? This can reduce the number of entries
needed in an ACL.
- Version M.10.72 Software 1
- http://www.openssl.org 2
- Contents 3
- Software Management 11
- TFTP Download from a Server 13
- Send button 14
- Enforcing Switch Security 20
- Local Manager Password 21
- Secure File Transfers 21
- Physical Access to the Switch 23
- Network Access Security 25
- Secure Shell (SSH) 26
- Traffic/Security Filters 26
- 802.1X Access Control 27
- Clarifications and Updates 30
- IGMP Command Update 31
- Rate-Limiting 33
- Known Issues 34
- Release M.08.78 Enhancements 36
- Release M.08.79 Enhancements 36
- Release M.08.84 Enhancements 38
- Release M.08.89 Enhancements 38
- Basic Operation 39
- Configuring a DNS Entry 41
- Event Log Messages 45
- Security Notes 46
- QoS Pass-Through Mode 49
- Release M.08.94 Enhancements 52
- UDP Broadcast Forwarding 54
- Release M.08.96 Enhancements 55
- Release M.10.02 Enhancements 55
- General Operation 59
- The Packet-filtering Process 60
- General Steps 64
- Determining Traffic Policies 64
- Item Limit Notes 67
- ■ vendor and ACL identifiers: 68
- SFlow Show Commands 78
- Release M.10.04 Enhancements 80
- Known Limitations 82
- Examples 84
- TCP/UDP Port Closure 85
- Enabling/Disabling TFTP 86
- Enabling/Disabling SNMP 86
- Enabling/Disabling RIP 86
- Spanning Tree Show Commands 87
- Release M.10.05 Enhancements 89
- Release M.10.06 Enhancements 89
- Release M.10.07 Enhancements 90
- Release M.10.08 Enhancements 90
- Release M.10.09 Enhancements 90
- Configuration Considerations 92
- Configuring UDLD 92
- Viewing UDLD Information 94
- Port 4 is shown as blocked 96
- Release M.10.10 Enhancements 98
- Release M.10.13 Enhancements 101
- Release M.10.17 Enhancements 101
- Terminology 102
- Enhancements 103
- Release M.10.21 Enhancements 105
- Release M.10.22 Enhancements 105
- Release M.10.25 Enhancements 107
- Release M.10.26 Enhancements 107
- Release M.10.23 Enhancements 107
- Release M.10.24 Enhancements 107
- Release M.10.27 Enhancements 108
- Release M.10.28 Enhancements 110
- Release M.10.29 Enhancements 110
- Release M.10.30 Enhancements 110
- Release M.10.31 Enhancements 110
- Release M.10.32 Enhancements 111
- Release M.10.33 Enhancements 112
- Operating Notes 113
- Release M.10.34 Enhancements 118
- Release M.10.35 Enhancements 119
- Configuring Trusted Ports 121
- Release M.10.36 Enhancements 125
- Release M.10.37 Enhancements 125
- Release M.10.38 Enhancements 128
- Send SNMP v2c Informs 129
- Release M.10.39 Enhancements 130
- RADIUS Server Unavailable 131
- ARP Age Timer Increase 134
- Release M.10.40 Enhancements 136
- Release M.10.41 Enhancements 136
- Release M.10.42 Enhancements 136
- Release M.10.43 Enhancements 136
- Adding a Static Binding 142
- Release M.10.65 Enhancements 146
- Enabling MSTP on the Switch 147
- Release M.10.66 Enhancements 150
- Adding a Priority Description 151
- Switches 152
- Release M.10.67 Enhancements 153
- Release M.10.68 Enhancements 153
- Release M.10.69 Enhancements 154
- Release M.10.70 Enhancements 154
- Release M.10.71 Enhancements 154
- Release M.10.72 Enhancements 154
- Release M.08.52 155
- Release M.08.54 155
- Release M.08.61 155
- Release M.08.62 157
- Release M.08.63 157
- Release M.08.64 158
- Release M.08.65 158
- Release M.08.66 158
- Release M.08.67 158
- Release M.08.68 159
- Release M.08.69 159
- Release M.08.70 160
- Release M.08.71 160
- Release M.08.72 161
- Release M.08.73 161
- Release M.08.74 161
- Release M.08.75 162
- Release M.08.76 162
- Release M.08.77 162
- Release M.08.78 163
- Release M.08.79 163
- Release M.08.80 163
- Release M.08.81 163
- Release M.08.82 163
- Release M.08.83 164
- Release M.08.84 164
- Release M.08.85 164
- Release M.08.86 164
- Release M.08.87 165
- Release M.08.88 165
- Release M.08.89 165
- Release M.08.90 166
- Release M.08.91 166
- Release M.08.92 166
- Release M.08.93 167
- Release M.08.94 167
- Release M.08.95 167
- Release M.08.96 167
- Release M.08.97 168
- Release M.10.01 168
- Release M.10.02 168
- Release M.10.03 168
- Release M.10.04 169
- Release M.10.05 169
- Release M.10.06 169
- Release M.10.07 170
- Release M.10.08 170
- Release M.10.09 171
- Release M.10.10 171
- Release M.10.13 172
- Release M.10.11 172
- Release M.10.12 172
- Release M.10.14 173
- Release M.10.15 173
- Release M.10.16 173
- Release M.10.17 174
- Release M.10.20 174
- Release M.10.21 175
- Release M.10.22 175
- Release M.10.23 176
- Release M.10.24 176
- Release M.10.25 176
- Release M.10.26 177
- Release M.10.27 177
- Release M.10.28 178
- Release M.10.29 178
- Release M.10.30 179
- Release M.10.31 179
- Release M.10.32 180
- Release M.10.33 180
- Release M.10.34 181
- Release M.10.35 181
- Release M.10.36 182
- Release M.10.37 182
- Release M.10.38 182
- Release M.10.39 183
- Release M.10.40 183
- Release M.10.41 183
- Release M.10.42 184
- Release M.10.43 184
- Release M.10.44 184
- Release M.10.45 185
- Release M.10.46 185
- Release M.10.47 185
- Release M.10.48 186
- Release M.10.49 186
- Release M.10.65 187
- Release M.10.66 188
- Release M.10.67 189
- Release M.10.68 190
- Release M.10.69 190
- Release M.10.70 191
- = 0x85cc1eb0 192
- Release M.10.71 193
- Release M.10.72 193
- RADIUS server is unavailable 194
Related products and manuals for Software HP PROCURVE 3400CL-24G
Software HP A5799A User Manual
(166 pages)
(166 pages)
Software HP XP20000 User Manual
(226 pages)
(226 pages)
Software HP CloudSystem Foundation User's Guide
(211 pages)
(211 pages)
Software HP TC3100 User Manual
(121 pages)
(121 pages)
Software HP c8000 Workstation User's Guide
(89 pages)
(89 pages)
Software HP PROCURVE 6120 User Manual
(589 pages)
(589 pages)
Software HP B.06.X User Manual
(78 pages)
(78 pages)
Software HP 3PAR User's Guide
(676 pages)
(676 pages)
Software HP E3000 User Manual
(111 pages)
(111 pages)
Software HP 4000S User's Guide
(246 pages)
(246 pages)
Software HP 39gs Graphing Calculator User Manual
(314 pages)
(314 pages)
Software HP C50 User Manual
(484 pages)
(484 pages)
Software HP NonStop G-Series User's Guide
(103 pages)
(103 pages)
Software HP B6960-96008 User Manual
(396 pages)
(396 pages)
Software HP rp7410 User's Guide
(266 pages)
(266 pages)
Software HP 11i User Manual
(113 pages)
(113 pages)
Software HP 41B User Manual
(44 pages)
(44 pages)
© 2020, manymanuals.com. All rights reserved. | 3.033 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals