Hi im new at the Alcatel data section .
First i want to know it is possible to create a new Login and set different rights .
Second i want connect to swicht only secured means no telenet , http, ftp, in case of http there are redirect to https possible ?
I try no http Server und https Server but if i connect https the Service is disable
R6.6.3 AOS
I have 2 switch as stack
I have update from r6.1.1 to 6.3.3 one switch there are a command to update the second switch?
Thanks for help
disable http and create new account
-
yaz
Re: disable http and create new account
To add user: user admin2 password switch
To give the user read-only access: user admin2 read-only all
To disable access for FTP and similar : no aaa authentication telnet ftp
To disable http and enable https:
no http server
https server
To give the user read-only access: user admin2 read-only all
To disable access for FTP and similar : no aaa authentication telnet ftp
To disable http and enable https:
no http server
https server
-
Split
Re: disable http and create new account
thanks for help yaz
now i know how create a new user .........;
the command no http server and https server i already tried but if i open a web browser => https://<IP Adress Switch> => the Alcatel Switch Page Display with he Info http/https Service unavailible ......somebody a idea?
now i know how create a new user .........;
the command no http server and https server i already tried but if i open a web browser => https://<IP Adress Switch> => the Alcatel Switch Page Display with he Info http/https Service unavailible ......somebody a idea?
-
yaz
Re: disable http and create new account
Split:
Have you enabled access for HTTP?
aaa authentication http local
Regards,
Yaz
Have you enabled access for HTTP?
aaa authentication http local
Regards,
Yaz
-
devnull
Re: disable http and create new account
try
no ip service http
no ip service secure-http
no ip service telnet
no ip service ftp
removing aaa means: service runs, but login is impossible. With removed service it is not even running.
To upgrade stack: Follow the release guides, there are some steps where the order is important.. (marked in red).
no ip service http
no ip service secure-http
no ip service telnet
no ip service ftp
removing aaa means: service runs, but login is impossible. With removed service it is not even running.
To upgrade stack: Follow the release guides, there are some steps where the order is important.. (marked in red).
-
Split
Re: disable http and create new account
Hi
yes i have set aaa authentication default local an i thought with no http server it´s disable but this is wrong how i learned .....
if i understand right there are diffenrent ways i can do: no aaa authentication http local or like devnull say disable the ip service
i have try no ip service http and its works thanks a lot
yes i have set aaa authentication default local an i thought with no http server it´s disable but this is wrong how i learned .....
if i understand right there are diffenrent ways i can do: no aaa authentication http local or like devnull say disable the ip service
i have try no ip service http and its works thanks a lot
-
devnull
Re: disable http and create new account
Yes.. both ways stops using http..
aaa default local means:
per default check against local user database (for every running service)
every aaa-service with "no"
e.g. no aaa authentication ftp
means that you can not authenticate for this service means: login impossible.
no ip service means: stop this service/daemon (which of course means login not possible).
For several security certifications (EAL/BSI/..) it may be needed to stop availability of services not just to forbid login..
aaa default local means:
per default check against local user database (for every running service)
every aaa-service with "no"
e.g. no aaa authentication ftp
means that you can not authenticate for this service means: login impossible.
no ip service means: stop this service/daemon (which of course means login not possible).
For several security certifications (EAL/BSI/..) it may be needed to stop availability of services not just to forbid login..
-
Split
Re: disable http and create new account
thanks for the datails informations .....
Regards Split
Regards Split
