Table of Contents
Advertisement
Local User Accounts
By storing user profiles locally on the OLT, your OLT is able to authenticate and authorize users without
interacting with a network AAA server. However, there is a limit on the number of users you may
authenticate in this way (See
RADIUS and TACACS+
RADIUS and TACACS+ are security protocols used to authenticate users by means of an external server
instead of (or in addition to) an internal device user database that is limited to the memory capacity of
the device. In essence, RADIUS and TACACS+ authentication both allow you to validate an unlimited
number of users from a central location.
The following table describes some key differences between RADIUS and TACACS+.
Table 75 RADIUS vs. TACACS+
Transport
Protocol
Encryption
26.2 AAA Screens
The AAA screens allow you to enable authentication and authorization or both of them on the OLT. First,
configure your authentication server settings (RADIUS) and then set up the authentication priority,
activate authorization.
Click Advanced Application > AAA in the navigation panel to display the screen as shown.
Figure 129 Advanced Application > AAA
26.3 RADIUS Server Setup
Use this screen to configure your RADIUS server settings. See
information on RADIUS servers and
authentication features on the OLT. Click on the RADIUS Server Setup link in the AAA screen to view the
screen as shown.
Chapter 26 AAA
Section 44.4 on page
RADIUS
UDP (User Datagram Protocol)
Encrypts the password sent for
authentication.
Section 26.6.2 on page 222
OLT2406 User's Guide
215
358).
TACACS+
TCP (Transmission Control Protocol)
All communication between the client (the OLT) and
the TACACS server is encrypted.
RADIUS and TACACS+ on page 215
for RADIUS attributes utilized by the
for more
Advertisement
Table of Contents
Troubleshooting
