Configuring CLI Access using EDM

Use the following procedures to perform CLI access configuration tasks such as:

Enable access levels
Change passwords
Configure the logon banner

Enable Access Levels

About this task

Enable access levels to control the configuration actions of various users.

Important

Only the RWA user can disable an access level on the switch. You cannot disable the RWA access level on the switch.

The system preserves these configurations across restarts.

Procedure

In the navigation pane, expand Configuration > Security > Control Path.
Click General.
Click the CLI tab.
Select the enable check box for the required access level.
Click Apply.

Change Passwords

About this task

Configure new passwords for each access level, or change the logon or password for the different access levels of the system to prevent unauthorized access. After you receive the switch, use default passwords to initially access CLI. If you use Simple Network Management Protocol version 3 (SNMPv3), you can change passwords in encrypted format.

Procedure

In the navigation pane, expandConfiguration > Security > Control Path.
Click General.
Click the CLI tab.
Specify the username and password for the appropriate access level.
Click Apply.

Configure the Logon Banner

About this task

Configure the logon banner using EDM to display a warning message to users on the CLI before authentication.

Procedure

In the navigation pane, expand Configuration > Security > Control Path.
Click General.
Click the CLI tab.
Enter the banner text in the CustomBannerText field.
Check the CustomBannerEnable check box.
Click Apply.

CLI Field Descriptions

The following table defines parameters for the CLI tab.


Name	Description
RWAUserName	Specifies the user name for the read-write-all CLI account.
RWAPassword	Specifies the password for the read-write-all CLI account.
RWEnable	Activates the read-write access. The default is enabled.
RWUserName	Specifies the user name for the read-write CLI account.
RWPassword	Specifies the password for the read-write CLI account.
RWL3Enable	Activates the read-write Layer 3 access. The default is enabled.
RWL3UserName	Specifies the user name for the Layer 3 read-write CLI account.
RWL3Password	Specifies the password for the Layer 3 read-write CLI account.
RWL2Enable	Activates the read-write Layer 2 access. The default is enabled.
RWL2UserName	Specifies the user name for the Layer 2 read-write CLI account.
RWL2Password	Specifies the password for the Layer 2 read-write CLI account.
RWL1Enable	Activates the read-write Layer 1 access. The default is enabled.
RWL1UserName	Specifies the user name for the Layer 1 read-write CLI account.
RWL1Password	Specifies the password for the Layer 1 read-write CLI account.
ROEnable	Activates the read-only CLI account. The default is enabled.
ROUserName	Specifies the user name for the read-only CLI account.
ROPassword	Specifies the password for the read-only CLI account.
MaxTelnetSessions	Specifies the maximum number of concurrent Telnet sessions in a range from 0–8. The default is 8.
Timeout	Specifies the number of seconds of inactivity for a Telnet before the system initiates automatic timeout and disconnect, expressed in a range from 30–65535. The default is 900 seconds.
NumAccessViolations	Indicates the number of CLI access violations detected by the system. This variable is a read-only field.
CustomBannerText Note: Exception: not supported on VSP 8600 Series.	Specifies the text message that is displayed to users on the CLI before authentication. The message can be company information, such as company name and contact, or a warning message for the users of CLI. With character limitation from 1-1800, the text box displays 79 characters per line.
CustomBannerEnable Note: Exception: not supported on VSP 8600 Series.	Specifies whether custom logon banner is enabled or disabled. The default is enabled.