Table of Contents
Advertisement
TACACS+ Hosts
To configure TACACS+ security services:
1. enable — Enter Administrator mode.
2. tacacs-server host 10.7.0.22 — Specify the TACACS+ server to
3. tacacs-server key tacacs123SN — Configure the global
Local Username Database
To configure a local username database:
Note:
command history cache and are stored in the local username database in encrypted
format.
1. enable — Enter Administrator mode.
2. username labserver password foo username labserver2
The following rules apply to passwords:
IP Storage Router SR2122-2 User Guide
be used for AAA authentication services. For example, specify the TACACS+
server at 10.7.0.22 for use by the Storage Router. Because no port is
specified, the authentication requests use the default port 49. The global
timeout value is also used.
authentication and encryption key to be used for all TACACS+
communications between the storage router and the TACACS+ server. For
example, set the key to tacacs123SN. This key must match the key used by
the TACACS+ daemon.
Passwords are entered in clear text but are changed to "XXXXX" in the CLI
password foo2 — Enter a user name and password for each device
requiring authentication prior to access to storage. For example, add the
following user name and password combinations:
■
labserver and foo
■
labserver2 and foo2
User name and password pairs must match the user name and password pairs
configured for the iSCSI drivers that require access to storage via the SCSI
routing instances that have iSCSI authentication enabled. If other
authentication services are also used (such as RADIUS or TACACS+), these
user name and password pairs must also be configured within the databases
those services use for authentication purposes.
Configuring Authentication
151
Advertisement
Table of Contents
Troubleshooting
