Adds or deletes a Kerberos server to the Kerberos server list.
ip_address |
Specifies a Kerberos server IP address to add or delete. |
all |
Specifies that all Kerberos server list entries are to be deleted. |
No servers are in the Kerberos server list.
When no servers are configured in the Kerberos server list, the Kerberos snooping feature processes responses from all Kerberos servers, which can expose the system to simulated logins. To avoid this exposure, you can configure a list of up to 20 valid Kerberos servers. When the Kerberos server list contains one or more entries, the switch only processes responses from the Kerberos servers in the list.
The following command adds the Kerberos server at IP address 10.10.10.1 to the Kerberos server list:
* Switch.4 # configure identity-management kerberos snooping add server 10.10.10.1
This command was first available in ExtremeXOS 12.4.
This command is available on all Universal switches supported in this document.