Table of Contents
Advertisement
Configuring Switch-Based Authentication
How to Configure Switch-Based Authentication
Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services
Command
1.
configure terminal
2.
aaa authorization network tacacs+
3.
aaa authorization exec tacacs+
4.
end
Starting TACACS+ Accounting
Command
1.
configure terminal
2.
aaa accounting network start-stop
tacacs+
3.
aaa accounting exec start-stop tacacs+
4.
end
Configuring Radius Server Communication
Before You Begin
You should have access to and should configure a RADIUS server before configuring RADIUS features on your switch.
At a minimum, you must identify the host or hosts that run the RADIUS server software and define the method lists for
RADIUS authentication. You can optionally define method lists for RADIUS authorization and accounting.
Some configuration settings need to be configured on the RADIUS server that include the IP address of the switch and
the key string to be shared by both the server and the switch.
Purpose
Enters global configuration mode.
Configures the switch for user TACACS+ authorization for all
network-related service requests.
Configures the switch for user TACACS+ authorization if the user has
privileged EXEC access.
The exec keyword might return user profile information (such as
autocommand information).
Returns to privileged EXEC mode.
Purpose
Enters global configuration mode.
Enables TACACS+ accounting for all network-related service requests.
Enables TACACS+ accounting to send a start-record accounting notice
at the beginning of a privileged EXEC process and a stop-record at the
end.
Returns to privileged EXEC mode.
172
- Quick Links:
- Configuration Overview
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
Need help?
Do you have a question about the IE-4000 and is the answer not in the manual?
Questions and answers