Authentication Server Settings - D-Link xStack DGS-3120 Series Reference Manual
Xstack dgs-3120 series layer 3 managed gigabit ethernet switch web ui reference guide
Hide thumbs
Also See for xStack DGS-3120 Series:
- Cli reference manual (1150 pages) ,
- Manual (852 pages) ,
- Reference manual (813 pages)
Table of Contents
Advertisement
xStack® DGS-3120 Series Layer 3 Managed Gigabit Ethernet Switch Web UI Reference Guide
NOTE: The three built-in server groups can only have server hosts running the same TACACS
daemon. TACACS/XTACACS/TACACS+ protocols are separate entities and are not
compatible with each other.
Authentication Server Settings
User-defined Authentication Server Hosts for the TACACS / XTACACS / TACACS+ / RADIUS security protocols
can be set on the Switch. When a user attempts to access the Switch with Authentication Policy enabled, the
Switch will send authentication packets to a remote TACACS / XTACACS / TACACS+ / RADIUS server host on a
remote host. The TACACS / XTACACS / TACACS+ / RADIUS server host will then verify or deny the request and
return the appropriate message to the Switch. More than one authentication protocol can be run on the same
physical server host but, remember that TACACS / XTACACS / TACACS+ / RADIUS are separate entities and are
not compatible with each other. The maximum supported number of server hosts is 16.
To view this window, click Security > Access Authentication Control > Authentication Server Settings as
shown below:
The fields that can be configured are described below:
Parameter
IP Address
Protocol
Key
Accounting Port
Port (1-65535)
Timeout (1-255)
Retransmit (1-20)
Click the Apply button to accept the changes made.
Figure 8-79 Authentication Server Settings window
Description
The IP address of the remote server host to add.
The protocol used by the server host. The user may choose one of the following:
TACACS - Enter this parameter if the server host utilizes the TACACS protocol.
XTACACS - Enter this parameter if the server host utilizes the XTACACS protocol.
RADIUS - Enter this parameter if the server host utilizes the RADIUS protocol.
TACACS+ - Enter this parameter if the server host utilizes the TACACS+ protocol.
Authentication key to be shared with a configured TACACS+ or RADIUS servers
only. Specify an alphanumeric string up to 254 characters.
Enter the UDP port number which is used to transmit RADIUS accounting statistics
between the Switch and the RADIUS server. This field is available when RADIUS is
selected in Protocol.
Enter a number between 1 and 65535 to define the virtual port number of the
authentication protocol on a server host. The default port number is 49 for
TACACS/XTACACS/TACACS+ servers and 1812 for RADIUS servers but the user
may set a unique port number for higher security.
Enter the time in seconds the Switch will wait for the server host to reply to an
authentication request. The default value is 5 seconds.
Enter the value in the retransmit field to change how many times the device will
resend an authentication request when the server does not respond. This value will
not take effect when configuring to TACACS+. The default value is 2.
382
- Quick Links:
- Login to the Web Manager
- Reset
Hide quick links:
Advertisement
Table of Contents
