D-Link xstack DGS-3620 series Reference Manual page 63
Layer 3 managed stackable gigabit switch
Hide thumbs
Also See for xstack DGS-3620 series:
- Reference manual (1333 pages) ,
- Manual (1170 pages) ,
- Product manual (502 pages)
Table of Contents
Advertisement
xStack® DGS-3620 Series Layer 3 Managed Stackable Gigabit Switch CLI Reference Guide
server_group <string 15> | none}
config accounting service [network | shell | system] state [enable {[radius_only |
method_list_name <string 15> | default_method_list]} | disable]
config accounting service command {administrator | operator | power_user | user}
[method_list_name <string> | none]
create accounting method_list_name <string 15>
delete accounting method_list_name <string 15>
show accounting [default | method_list_name <string 15> | all]
show accounting service
create radius server_host <ipaddr> {auth_port <int 1-65535> | acct_port <int 1-65535> | [key
[<key_string 254> | none] | encryption_key <key_string 344>] | timeout <int 1-255> |
retransmit <int 1-20>}
config radius server_host <ipaddr> {auth_port <int 1-65535> | acct_port <int 1-65535> | [key
[<key_string 254> | none] | encryption_key <key_string 344>] | timeout <int 1-255> |
retransmit <int 1-20>}
config radius source_ipif [<ipif_name 12> {<ipaddr> | <ipv6addr>} | none]
show radius source_ipif
create tacacs server_host <ipaddr> {port <int 1-65535> | timeout <int 1-255> | retransmit <int 1-
20>}
config tacacs server_host <ipaddr> {port <int 1-65535> | timeout <int 1-255> | retransmit <int 1-
20>}
create tacacs+ server_host <ipaddr> {port <int 1-65535> | [key [<key_string 254> | none] |
encryption_key <key_string 344>] | timeout <int 1-255>}
config tacacs+ server_host <ipaddr> {port <int 1-65535> | [key [<key_string 254> | none] |
encryption_key <key_string 344>] | timeout <int 1-255>}
create xtacacs server_host <ipaddr> {port <int 1-65535> | timeout <int 1-255> | retransmit <int 1-
20>}
config xtacacs server_host <ipaddr> {port <int 1-65535> | timeout <int 1-255> | retransmit <int 1-
20>}
config tacacs source_ipif [<ipif_name 12> {<ipaddr>} | none]
show tacacs source_ipif
The TACACS / XTACACS / TACACS+ / RADIUS commands allows secure access to the Switch
using the TACACS / XTACACS / TACACS+ / RADIUS protocols. When a user logs in to the
Switch or tries to access the administrator level privilege, he or she is prompted for a password. If
TACACS / XTACACS / TACACS+ / RADIUS authentication is enabled on the Switch, it will contact
a TACACS / XTACACS / TACACS+ / RADIUS server to verify the user. If the user is verified, he or
she is granted access to the Switch.
There are currently three versions of the TACACS security protocol, each a separate entity. The
Switch's software supports the following versions of TACACS:
1. TACACS (Terminal Access Controller Access Control System) —Provides password
checking and authentication, and notification of user actions for security purposes utilizing
via one or more centralized TACACS servers, utilizing the UDP protocol for packet
transmission.
2. Extended TACACS (XTACACS) — An extension of the TACACS protocol with the ability
to provide more types of authentication requests and more types of response codes than
TACACS. This protocol also uses UDP to transmit packets.
3. TACACS+ (Terminal Access Controller Access Control System plus) — Provides
detailed access control for authentication for network devices. TACACS+ is facilitated
through Authentication commands via one or more centralized servers. The TACACS+
protocol encrypts all traffic between the Switch and the TACACS+ daemon, using the TCP
protocol to ensure reliable delivery.
58
Advertisement
Table of Contents
