Cisco Nexus 1000V Security Configuration Guide, Release 4.0(4)SV1(1)
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Chapter: Index
Index
A
AAA
default settings 3-9
example configuration 3-9
guidelines 3-4
limitations 3-4
monitoring TACACS+ servers 5-3
prerequisites 3-4
server groups description 3-4
services 3-1
standards 3-10
TACACS+ server groups 5-12
verifying configurations 3-8
aaa authentication command 3-6
AAA servers
FreeRADIUS VSA format 4-4
access control lists
order of application 8-2
types of 8-2
accounting
default 3-9
description 3-3
authentication
console default 3-9
description 3-2
method default 3-9
authentication, authorization, and accounting. See AAA
authorization, description 3-3
av pair 5-4
C
Cisco
class-map limits 11-1
clear a Telnet session 7-4
configuration limits 11-1
console
authentication default 3-9
configure login authentication 3-6
D
defaults
user access 2-16
default settings
AAA 3-9
SSH 6-15
TACACS+ 5-24
Telnet 7-5
disable
Telnet 7-2
documentation
additional publications 1-ii
E
enable
authentication failure messages 3-7
Telnet 7-2
example configuration
AAA 3-9
Secure Shell (SSH) 6-13
TACACS+ 5-23
user access 2-15
expiration date
information about 2-4
F
feature groups
creating 2-10
flow chart
configuring AAA 3-5
configuring TACACS+ 5-6
FreeRADIUS
VSA format for role attributes 4-4
I
IDs
Cisco vendor ID 4-3
IP ACLs
changing an IP ACL 8-6
configuring8-5to ??
creating an IP ACL 8-5
default settings 8-12
description 8-1
guidelines 8-5
limitations 8-5
prerequisites 8-5
removing an IP ACL 8-8
verifying configuration 8-11
L
limits, configuration 11-1
login AAA, about 3-1
login authentication
configuring console methods 3-6
M
MAC ACLs
changing a MAC ACL 9-3
creating a MAC ACL 9-2
description 9-1
removing a MAC ACL 9-4
match criteria limit 11-1
P
password
passwords
information about 2-3
policy map limits 11-1
port ACLs
applying 8-10
port security
description 10-1
enabling on an interface 10-6
MAC move 10-4
static MAC address 10-8
violations 10-4
preshared keys
TACACS+ 5-3
prohibited words 2-6
R
RADIUS
configuring the global key 4-6
configuring transmission retries 4-12
default settings 4-22
example configurations 4-22
network environments 4-1
operation 4-2
prerequisites 4-4
specifying server at login 4-10
verifying configuration 4-21
VSAs 4-3
RADIUS server groups
configuring 4-8
RADIUS Servers
retries to a single server 4-14
RADIUS servers
configuring accounting attributes 4-15, 4-16
configuring a timeout interval 4-13
configuring authentication attributes 4-15, 4-16
configuring dead-time intervals 4-19
configuring hosts 4-5
configuring keys 4-7
configuring periodic monitoring 4-18
deleting hosts 4-21
displaying statistics 4-22
example configurations 4-22
manually monitoring 4-20
monitoring 4-2
verifying configuration 4-21
related documents 1-ii
remote session, Telnet IPv4 7-3
roles
example configuration 2-15
information about 2-1
interface access 2-12
limitations 2-4
verifying 2-15
VLAN access 2-13
S
Secure Shell
default settings 6-15
security services, about 3-1
server groups, description 3-4
service policy limits 11-1
services, AAA, about 3-1
session, clearing Telnet 7-3, 7-4
session, starting IPv4 Telnet 7-3
show Telnet server command 7-5
SSH
default settings 6-15
generating server key-pairs 1-2, 6-1
statistics
RADIUS servers 4-22
TACACS+ 5-22
T
TACACS+
configuring5-5to ??
configuring global timeout interval 5-16
configuring shared keys 5-9
default settings 5-24
description5-1to ??
disabling 5-8
displaying statistics 5-22
enabling 5-8
example configurations 5-23
global preshared keys 5-3
guidelines 5-4
limitations 5-4
prerequisites 5-4
preshared key 5-3
specifying TACACS+ servers at login 5-14
user login operation 5-2
VSAs 5-3
TACACS+ servers
configuration overview 5-6
configuring dead-time interval 5-21
configuring periodic monitoring 5-20
configuring server groups 5-12
configuring TCP ports 5-18
displaying statistics 5-22
monitoring 5-3
TCP ports
TACACS+ servers 5-18
Telnet 7-1
clearing a session 7-4
clear session 7-3
default setting 7-5
enable, disable 7-2
information about 7-1
prerequisites for 7-1
start IPv4 session 7-3
Telnet command 7-4
timeout
TACACS+ 5-16
U
user access
defaults 2-16
example configuration 2-15
verifying 2-15
user account
prohibited words 2-6
user accounts
configuring 2-6
guidelines 2-4
information about 2-1
limitations roles
guidelines 2-4
user names
information about 2-3
user roles
creating 2-8
creating feature groups 2-10
V
vendor ID, Cisco 5-4
vendor-specific attributes (VSAs) 5-4
VSAs
protocol options 4-3
Feedback