Configuring Local/Remote Logon Authentication - Edge-Core ECS4110-28T Management Manual

28/52-port gigabit ethernet layer 2+ switch

Hide thumbs Also See for ECS4110-28T:

Installation manual (50 pages)

Quick start manual (6 pages)

Table of Contents

UTHENTICATION

To configure AAA on the switch, you need to follow this general process:

Configure RADIUS and TACACS+ server access parameters. See

"Configuring Local/Remote Logon Authentication" on page

Define RADIUS and TACACS+ server groups to support the accounting

and authorization of services.

Define a method name for each service to which you want to apply

accounting or authorization and specify the RADIUS or TACACS+ server

groups to use.

Apply the method names to port or line interfaces.

This guide assumes that RADIUS and TACACS+ servers have already

been configured to support AAA. The configuration of RADIUS and

TACACS+ server software is beyond the scope of this guide, refer to the

documentation provided with the RADIUS or TACACS+ server software.

Use the Security > AAA > System Authentication page to specify local or

remote authentication. Local authentication restricts management access

based on user names and passwords manually configured on the switch.

Remote authentication uses a remote access authentication server based

on RADIUS or TACACS+ protocols to verify management access.

"Authentication Sequence" on page 828

By default, management access is always checked against the

authentication database stored on the local switch. If a remote

authentication server is used, you must specify the authentication

sequence. Then specify the corresponding parameters for the remote

authentication protocol using the Security > AAA > Server page. Local

and remote logon authentication control management access via the

console port, web browser, or Telnet.

You can specify up to three authentication methods for any user to

indicate the authentication sequence. For example, if you select

(1) RADIUS, (2) TACACS and (3) Local, the user name and password

on the RADIUS server is verified first. If the RADIUS server is not

available, then authentication is attempted using the TACACS+ server,

and finally the local user name and password is checked.

AAA Authentication, Authorization and Accounting

| Security Measures

Show Quick Links

Quick Links:
Connecting to the Switch

Chapters

Table of Contents

Ecs4110-28p Ecs4110-52t Ecs4110-52p

Configuring Local/Remote Logon Authentication - Edge-Core ECS4110-28T Management Manual

Hide quick links:

Chapters

Related Manuals for Edge-Core ECS4110-28T

Related Content for Edge-Core ECS4110-28T

This manual is also suitable for:

Table of Contents