General Authentication Setup Procedure - HP ProCurve Switch 2900yl-24G Access Security Manual

TACACS+ Authentication

General Authentication Setup Procedure

It is important to test the TACACS+ service before fully implementing it. Depending on the process and parameter settings you use to set up and test TACACS+ authentication in your network, you could accidentally lock all users, including yourself, out of access to a switch. While recovery is simple, it may pose an inconvenience that can be avoided.

To prevent an unintentional lockout on the switch, use a procedure that configures and tests TACACS+ protection for one access type (for example, Telnet access), while keeping the other access type (console, in this case) open in case the Telnet access fails due to a configuration problem. The following steps outline a general setup procedure.

Note: If a complete access lockout occurs on the switch as a result of a TACACS+ configuration, see "Troubleshooting TACACS+ Operation" in the Troubleshooting chapter of the Management and Configuration Guide for your switch.

1. Familiarize yourself with the requirements for configuring your TACACS+ server application to respond to requests from the switch. (Refer to the documentation provided with the TACACS+ server software.) This includes knowing whether you need to configure an encryption key. (See "Using the Encryption Key" on page 4-23.)

2. Determine the following:
   • The IP address(es) of the TACACS+ server(s) you want the switch to use for authentication. If you will use more than one server, determine which server is your first choice for authentication services.
   • The encryption key, if any, for allowing the switch to communicate with the server. You can use either a global key or a server-specific key, depending on the encryption configuration in the TACACS+ server(s).
   • The number of log-in attempts you will allow before closing a log-in session. (Default: 3)
   • The period you want the switch to wait for a reply to an authentication request before trying another server.
   • The username/password pairs you want the TACACS+ server to use for controlling access to the switch.
   • The privilege level you want for each username/password pair administered by the TACACS+ server for controlling access to the switch.
   • The username/password pairs you want to use for local authentication (one pair each for Operator and Manager levels).
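
A pre-change check for the parameters gathered in step 2 and the keep-one-access-type-open rule described above, as an added example that is not taken from the HP manual. The command syntax in the constructed sample, the function names, and the treatment of an unlisted access type as local authentication are assumptions.

```python
import ipaddress

# Constructed sample: Telnet moved to TACACS+, console left on local authentication.
SAMPLE_STAGED = """\
tacacs-server host 192.0.2.10 key EXAMPLE-SERVER-KEY
tacacs-server host 192.0.2.11
tacacs-server key EXAMPLE-GLOBAL-KEY
tacacs-server timeout 5
aaa authentication num-attempts 3
aaa authentication telnet login tacacs local
aaa authentication console login local
"""

def parse_plan(text):
    """Collect the step-2 parameters from config-style lines (syntax assumed)."""
    plan = {"servers": [], "keys": {}, "global_key": None,
            "timeout": None, "attempts": 3, "login": {}}  # 3 = default per the manual
    for line in text.splitlines():
        w = line.split()
        if w[:2] == ["tacacs-server", "host"] and len(w) >= 3:
            ip = str(ipaddress.ip_address(w[2]))   # raises ValueError on a bad address
            plan["servers"].append(ip)             # first listed = first choice
            if len(w) >= 5 and w[3] == "key":
                plan["keys"][ip] = w[4]            # server-specific key
        elif w[:2] == ["tacacs-server", "key"] and len(w) >= 3:
            plan["global_key"] = w[2]
        elif w[:2] == ["tacacs-server", "timeout"] and len(w) >= 3:
            plan["timeout"] = int(w[2])
        elif w[:3] == ["aaa", "authentication", "num-attempts"] and len(w) >= 4:
            plan["attempts"] = int(w[3])
        elif w[:2] == ["aaa", "authentication"] and len(w) >= 5 and w[3] == "login":
            plan["login"][w[2]] = w[4:]            # [primary, optional secondary]
    return plan

def lockout_findings(plan, access_types=("console", "telnet")):
    """Return warnings for plans that could leave no working access type."""
    findings = []
    # Assumption: an access type with no login line still uses local authentication.
    on_tacacs = [a for a in access_types
                 if plan["login"].get(a, ["local"])[0] == "tacacs"]
    if on_tacacs and not plan["servers"]:
        findings.append("TACACS+ is primary but no server is defined")
    if len(on_tacacs) == len(access_types):
        findings.append("no access type left open for testing")
    if plan["global_key"] is None:
        for ip in plan["servers"]:
            if on_tacacs and ip not in plan["keys"]:
                findings.append(f"server {ip} has no key; confirm the server expects none")
    return findings
```

Run `lockout_findings(parse_plan(...))` on the planned lines before applying them; an empty list means at least one access type stays off TACACS+ while the other is tested.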

This manual is also suitable for:

ProCurve Switch 2900yl-48G, J9049A, J9050A
