Filter
Top Products
Chapter 10: Security Configuration Guide
164 SmartSwitch Router User Reference Manual
To monitor TACACS Plus, enter the following commands in Enable mode:
Configure Passwords
The SSR provides password authentication for accessing the User and Enable modes. If
TACACS is not enabled on the SSR, only local password authentication is performed.
To configure SSR passwords, enter the following commands in Configure mode:
Layer-2 Security Filters
Layer-2 security filters on the SSR allow you to configure ports to filter specific MAC
addresses. When defining a Layer-2 security filter, you specify to which ports you want
the filter to apply. You can specify the following security filters:
• Address filters
These filters block traffic based on the frame's source MAC address, destination MAC
address, or both source and destination MAC addresses in flow bridging mode.
Address filters are always configured and applied to the input port.
• Port-to-address lock filters
These filters prohibit a user connected to a locked port or set of ports from using
another port.
• Static entry filters
These filters allow or force traffic to go to a set of destination ports based on a frame's
source MAC address, destination MAC address, or both source and destination MAC
addresses in flow bridging mode. Static entries are always configured and applied at
the input port.
• Secure port filters
A secure filter shuts down access to the SSR based on MAC addresses. All packets
received by a port are dropped. When combined with static entries, however, these
filters can be used to drop all received traffic but allow some frames to go through.
Show TACACS Plus server
statistics.
tacacs-plus show stats
Show all TACACS Plus
parameters.
tacacs-plus show all
Set User mode password.
system set password login
<string>
Set Enable mode password.
system set password enable
<string>