Authentication Method List Config - TP-Link T2500G-10TS User Manual

Note:
The two built-in server groups radius and tacacs cannot be deleted or edited.
1.
Up to 16 servers can be added to one server group.
2.

12.5.6 Authentication Method List Config

Before you configure AAA authentication on a certain application, you should define an
authentication method list first. An authentication method list describes the sequence and
authentication method to be queried to authenticate a user.
The switch uses the first method listed to authenticate users, if that method fails to respond,
the switch selects the next authentication method in the method list. This process continues
until there is a successful communication with a listed authentication method or until all defined
methods are exhausted. If authentication fails at any point in this circle, which means the
secure server or the local switch denies the user's access, the authentication process stops
and no other authentication methods are attempted.
For example, if a user defines an authentication login method list as tacacs-radius-local, the
switch will send an authentication request to the fist TACACS+ server in the tacacs server
group. If there is no response, the switch will send an authentication request to the second
TACACS+ server in the tacacs server group and so on, until the tacacs server group list is
exhausted. Then the RADIUS server group will be queried. If no authentication is accomplished
in the RADIUS server list, the switch will authenticate the user locally. This forms a backup
system for authentication.
Choose the menu Network Security→AAA→Authentication List to load the following page.
Figure 12-7 Authentication Method List Config
217