Accounting; Configuring Tacacs+ Authentication On The Switch (Cli Example) - HP GbE2c - Blc Layer 2/3 Fiber SFP Option Application Manual

Ethernet blade switch for c-class bladesystem

Hide thumbs Also See for GbE2c - Blc Layer 2/3 Fiber SFP Option:

Interface manual (209 pages)

Command reference manual (175 pages)

Cli reference manual (153 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

Table of Contents

Accounting

Accounting is the action of recording a user's activities on the device for the purposes of billing and/or security. It

follows the authentication and authorization actions. If the authentication and authorization is not performed via

TACACS+, no TACACS+ accounting messages are sent out.

You can use TACACS+ to record and track software logins, configuration changes, and interactive commands.

The switch supports the following TACACS+ accounting attributes:

protocol (console/telnet/ssh/http)

start_time

stop_time

elapsed_time

NOTE:

When using the browser-based Interface, the TACACS+ Accounting Stop records are sent only if

the Quit button on the browser is clicked.

Configuring TACACS+ authentication on the switch (CLI example)

Turn TACACS+ authentication on, and then configure the Primary and Secondary TACACS+ servers.

>> Main# /cfg/sys/tacacs

>> TACACS+ Server# on

Current status: OFF

New status: ON

>> TACACS+ Server# prisrv 10.10.1.1

Current primary TACACS+ server: 0.0.0.0

New pending primary TACACS+ server: 10.10.1.1

>> TACACS+ Server# secsrv 10.10.1.2

Current secondary TACACS+ server: 0.0.0.0

New pending secondary TACACS+ server: 10.10.1.2

Configure the TACACS+ secret and second secret.

>> TACACS+ Server# secret

Enter new TACACS+ secret: <1-32 character secret>

>> TACACS+ Server# secret2

Enter new TACACS+ second secret: <1-32 character secret>

CAUTION:

If you configure the TACACS+ secret using any method other than a direct console connection, the

secret may be transmitted over the network as clear text.

If desired, you may change the default TCP port number used to listen to TACACS+. The well-known port for

TACACS+ is 49.

>> TACACS+ Server# port

Current TACACS+ port: 49

Enter new TACACS+ port [1-65000]: <TCP port number>

Configure the number retry attempts for contacting the TACACS+ server and the timeout period.

>> TACACS+ Server# retries

Current TACACS+ server retries: 3

Enter new TACACS+ server retries [1-3]: 2

>> TACACS+ Server# time

Current TACACS+ server timeout: 5

Enter new TACACS+ server timeout [4-15]: 10 (Enter the timeout period

(Select the TACACS+ Server menu)

(Turn TACACS+ on)

(Enter primary server IP)

(Enter secondary server IP)

in minutes)

Accessing the switch 23

Table of Contents

Troubleshooting

This manual is also suitable for:

Gbe2c Xw460c - proliant - blade workstation

Accounting; Configuring Tacacs+ Authentication On The Switch (Cli Example) - HP GbE2c - Blc Layer 2/3 Fiber SFP Option Application Manual

Accounting

Configuring TACACS+ authentication on the switch (CLI example)

Troubleshooting

Related Manuals for HP GbE2c - Blc Layer 2/3 Fiber SFP Option

Related Content for HP GbE2c - Blc Layer 2/3 Fiber SFP Option

This manual is also suitable for:

Table of Contents