Configuring CLI Access using EDM
Use the following procedures to perform CLI access configuration tasks such as:
-
Enable access levels
-
Change passwords
-
Configure the logon banner
Enable Access Levels
About this task
Enable access levels to control the configuration actions of various users.
Important
Only the RWA user can disable an access level on the switch. You cannot disable the RWA access level on the switch.
The system preserves these configurations across restarts.
Procedure
- In the navigation pane, expand .
- Click General.
- Click the CLI tab.
- Select the enable check box for the required access level.
- Click Apply.
Change Passwords
About this task
Configure new passwords for each access level, or change the logon or password for the different access levels of the system to prevent unauthorized access. After you receive the switch, use default passwords to initially access CLI. If you use Simple Network Management Protocol version 3 (SNMPv3), you can change passwords in encrypted format.
Procedure
- In the navigation pane, expand .
- Click General.
- Click the CLI tab.
- Specify the username and password for the appropriate access level.
- Click Apply.
Configure the Logon Banner
About this task
Configure the logon banner using EDM to display a warning message to users on the CLI before authentication.
Procedure
- In the navigation pane, expand .
- Click General.
- Click the CLI tab.
- Enter the banner text in the CustomBannerText field.
- Check the CustomBannerEnable check box.
- Click Apply.
CLI Field Descriptions
The following table defines parameters for the CLI tab.
Name |
Description |
---|---|
RWAUserName |
Specifies the user name for the read-write-all CLI account. |
RWAPassword |
Specifies the password for the read-write-all CLI account. |
RWEnable |
Activates the read-write access. The default is enabled. |
RWUserName |
Specifies the user name for the read-write CLI account. |
RWPassword |
Specifies the password for the read-write CLI account. |
RWL3Enable |
Activates the read-write Layer 3 access. The default is enabled. |
RWL3UserName |
Specifies the user name for the Layer 3 read-write CLI account. |
RWL3Password |
Specifies the password for the Layer 3 read-write CLI account. |
RWL2Enable |
Activates the read-write Layer 2 access. The default is enabled. |
RWL2UserName |
Specifies the user name for the Layer 2 read-write CLI account. |
RWL2Password |
Specifies the password for the Layer 2 read-write CLI account. |
RWL1Enable |
Activates the read-write Layer 1 access. The default is enabled. |
RWL1UserName |
Specifies the user name for the Layer 1 read-write CLI account. |
RWL1Password |
Specifies the password for the Layer 1 read-write CLI account. |
ROEnable |
Activates the read-only CLI account. The default is enabled. |
ROUserName |
Specifies the user name for the read-only CLI account. |
ROPassword |
Specifies the password for the read-only CLI account. |
MaxTelnetSessions |
Specifies the maximum number of concurrent Telnet sessions in a range from 0–8. The default is 8. |
MaxRloginSessions Note:
Exception: only supported on VSP 8600 Series. |
Specifies the maximum number of concurrent rlogin sessions in a range from 0–8. The default is 8. |
Timeout |
Specifies the number of seconds of inactivity for a Telnet or Rlogin session before the system initiates automatic timeout and disconnect, expressed in a range from 30–65535. The default is 900 seconds. Note:
rlogin is supported only on the VSP 8600 Series. |
NumAccessViolations |
Indicates the number of CLI access violations detected by the system. This variable is a read-only field. |
CustomBannerText Note:
Exception: not supported on VSP 8600 Series. |
Specifies the text message that is displayed to users on the CLI before authentication. The message can be company information, such as company name and contact, or a warning message for the users of CLI. With character limitation from 1-1800, the text box displays 79 characters per line. |
CustomBannerEnable Note:
Exception: not supported on VSP 8600 Series. |
Specifies whether custom logon banner is enabled or disabled. The default is enabled. |