EasyManuals Logo
Home>Cisco>Switch>Catalyst 3750-X

Cisco Catalyst 3750-X User Manual

Cisco Catalyst 3750-X
1438 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #289 background imageLoading...
Page #289 background image
10-55
Catalyst 3750-X and 3560-X Switch Software Configuration Guide
OL-21521-01
Chapter 10 Configuring Switch-Based Authentication
Configuring the Switch for Secure Copy Protocol
Use the no ip http client secure-trustpoint name to remove a client trustpoint configuration. Use the
no ip http client secure-ciphersuite to remove a previously configured CipherSuite specification for
the client.
Displaying Secure HTTP Server and Client Status
To display the SSL secure server and client status, use the privileged EXEC commands in Table 10-7:
Configuring the Switch for Secure Copy Protocol
The Secure Copy Protocol (SCP) feature provides a secure and authenticated method for copying switch
configurations or switch image files. SCP relies on Secure Shell (SSH), an application and a protocol
that provides a secure replacement for the Berkeley r-tools.
For SSH to work, the switch needs an RSA public/private key pair. This is the same with SCP, which
reli
es on SSH for its secure transport.
Because SSH also relies on AAA authentication, and S
CP relies further on AAA authorization, correct
configuration is necessary.
• Before enabling SCP, you must correctly configure SSH, authentication, and authorization on the
switch.
• Because SCP relies on SSH for its secure transport, the router must have an Rivest, Shamir, and
Adelman (RSA) key pair.
Note When using SCP, you cannot enter the password into the copy command. You must enter the password
when prompted.
Step 3
ip http client secure-ciphersuite
{[3des-ede-cbc-sha] [rc4-128-md5]
[rc4-128-sha] [des-cbc-sha]}
(Optional) Specify the CipherSuites (encryption algorithms) to be used
for encryption over the HTTPS connection. If you do not have a reason to
specify a particular CipherSuite, you should allow the server and client to
negotiate a CipherSuite that they both support. This is the default.
Step 4
end Return to privileged EXEC mode.
Step 5
show ip http client secure status Display the status of the HTTP secure server to verify the configuration.
Step 6
copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Ta ble 10-7 Commands for Displaying the SSL Secure Server and Client Status
Command Purpose
show ip http client
se
cure status
Shows the HTTP secure client configuration.
show ip http server
se
cure status
Shows the HTTP secure server configuration.
show running-config Shows the generated self-signed certificate for secure HTTP co
nnections.

Table of Contents

Other manuals for Cisco Catalyst 3750-X

Preview: Command Reference
Command Reference1244 pages
Preview: Message Guide
Message Guide150 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 3750-X and is the answer not in the manual?

Cisco Catalyst 3750-X Specifications

General IconGeneral
BrandCisco
ModelCatalyst 3750-X
CategorySwitch
LanguageEnglish

Related product manuals