HP 3500yl Series Access Security Manual page 226
Switch software
Hide thumbs
Also See for 3500yl Series:
- Release notes (219 pages) ,
- Specifications (16 pages) ,
- Features (6 pages)
Table of Contents
Advertisement
TACACS+ Authentication
Configuring TACACS+ on the Switch
HP Switch(config)# show tacacs
Status and Counters - TACACS Information
Timeout : 5
Encryption Key :
Server IP Addr
--------------- ------ ------ ------ ------ ------- -------
10.28.227.10
10.28.227.15
Figure 5-9. Example of the Switch After Assigning a Different "First-Choice" Server
5-22
The "10" server is now the "first-choice" TACACS+ authentication device.
Opens
0
0
To remove the 10.28.227.15 device as a TACACS+ server, you
would use this command:
HP Switch(config)# no tacacs-server host 10.28.227.15
Configuring an Encryption Key. Use an encryption key in the switch if the
switch will be requesting authentication from a TACACS+ server that also uses
an encryption key. (If the server expects a key, but the switch either does not
provide one, or provides an incorrect key, then the authentication attempt will
fail.) Use a global encryption key if the same key applies to all TACACS+
servers the switch may use for authentication attempts. Use a per-server
encryption key if different servers the switch may use will have different keys.
(For more details on encryption keys, see "Using the Encryption Key" on page
5-26.)
To configure north01 as a global encryption key:
HP Switch(config)# tacacs-server key north01
To configure north01 as a per-server encryption key:
HP Switch(config)# tacacs-server host 10.28.227.63 key
north01
An encryption key can contain up to 100 characters, without spaces, and is
likely to be case-sensitive in most TACACS+ server applications.
To delete a global encryption key from the switch, use this command:
HP Switch(config)# no tacacs-server key
Closes Aborts Errors Pkts Rx Pkts Tx
0
0
0
0
0
0
0
0
0
0
Hide quick links:
Advertisement
Chapters
Table of Contents
