Ethernet Switches & Routers

Reply
New Contributor
Posts: 2
Registered: ‎08-21-2013

What are cli commands to require login username and password for web-management on icx6450

What are cli commands to require login username and password for web-management on icx6450?  I can access the device via web management, but when I click login it doesn't prompt for username and password?

Brocadian
Posts: 152
Registered: ‎10-05-2010

Re: What are cli commands to require login username and password for web-management on icx6450

 

Brocade(config)# username abc privilege 0 password pswd 

Brocade(config)# aaa authentication web-server default local

 

username = abc

password = pswd

Brocadian
Posts: 37
Registered: ‎11-03-2014

Re: What are cli commands to require login username and password for web-management on icx6450

I would also recommend:

 

1. setting the super-user-password

2. doing a crypto-key generate rsa modulus 2048 (to enable ssh)

3. disabling the telnet server

Jonathon Lorek
Brocade Systems Engineer - Great Lakes Region
jlorek@brocade.com
Frequent Contributor
Posts: 122
Registered: ‎07-20-2015

Re: What are cli commands to require login username and password for web-management on icx6450

[ Edited ]

I would do something like this:

 

hostname Switchname
username dhecwan password whateveryoulike

 

 

crypto-ssl certificate generate


crypto key generate rsa mod 2048

 

 

 

For your management area:

 

access-list 99 permit 10.0.1.0 0.0.255.255

 

 

aaa authentication web-server default local
aaa authentication enable default local
aaa authentication login default local
aaa authentication login privilege-mode

enable aaa console

 

console timeout 15

 

no telnet server

 

 

<syslogging server stuff,  dns suffix stuff, dns server stuff, any static routes, whether or not you want to run lldp, cdp, fdp, any community strings, timezone and ntp server, etc.>

 

 

no web-management http
web-management https

 

banner motd ^
------------------------------------------------------------------------

Violators not welcome message of some kind  here...

------------------------------------------------------------------------
^

 

!  Apply your ACL if you created one:

ssh access-group 99
web access-group 99

 

Some other related tweaks you may want to mess with:

 

ip ssh authentication-retries 2
ip ssh timeout 30
ip ssh idle-time 30

 

logging console
logging persistence

 

 

If you are doing SNMP:

 

snmp-server community .... ro 99

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.