Controlling Web Browser Interface Access When Using Tacacs+ Authentication; Messages - HP 4108GL Management And Configuration Manual
Procurve switch
Hide thumbs
Also See for 4108GL:
- Management and configuration manual (547 pages) ,
- Function manual (306 pages) ,
- Installation and getting started manual (94 pages)
Table of Contents
Advertisement
Using Passwords and TACACS+ To Protect Against Unauthorized Access
TACACS+ Authentication for Central Control of Switch Access Security
Controlling Web Browser Interface Access When Using
TACACS+ Authentication
In release G.01.xx, configuring the switch for TACACS+ authentication does
not affect web browser interface access. To prevent unauthorized access
through the web browser interface, do one or more of the following:
I
I
I
Messages
The switch generates the CLI messages listed below. However, you may see
other messages generated in your TACACS+ server application. For informa-
tion on such messages, refer to the documentation you received with the
application.
CLI Message
Connecting to Tacacs server The switch is attempting to contact the TACACS+ server identified in the switch's
Connecting to secondary
Tacacs server
Invalid password
No Tacacs servers
responding
Not legal combination of
authentication methods
Record already exists
9-28
Configure local authentication (a Manager user name and password
and, optionally, an Operator user name and password) on the switch.
Configure the switch's Authorized IP Manager feature to allow web
browser access only from authorized management stations. (The
Authorized IP Manager feature does not interfere with TACACS+
operation.)
Disable web browser access to the switch by going to the System
Information screen in the Menu interface and configuring the
parameter to No.
Agent Enabled
Meaning
server
configuration as the first-choice (or only) TACACS+ server.
The switch was not able to contact the first-choice TACACS+ server, and is now
attempting to contact the next (secondary) TACACS+ server identified in the switch's
tacacs-server
configuration.
The system does not recognize the username or the password or both. Depending on the
authentication method (tacacs or local), either the TACACS+ server application did not
recognize the username/password pair or the username/password pair did not match the
username/password pair configured in the switch.
The switch has not been able to contact any designated TACACS+ servers. If this message
is followed by the Username prompt, the switch is attempting local authentication.
For console access, if you select tacacs as the primary authentication method, you must
select local as the secondary authentication method. This prevents you from being locked
out of the switch if all designated TACACS+ servers are inaccessible to the switch.
tacacs-server host
When resulting from a
enter a duplicate TACACS+ server IP address.
<ip addr> command, indicates an attempt to
Web
tacacs-
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
