Table of Contents
Advertisement
User authentication
Note
DAL authentication does not support the use of the # character in the key (e.g.,
DAL#123;&). If included, the server will be unable to decipher the request.
e. (Optional) Click g again to add additional TACACS+ servers.
5. (Optional) Enable Authoritative to prevent other authentication methods from being
attempted if TACACS+ login fails.
6. (Optional) For Group attribute, type the name of the attribute used in the TACACS+ server's
configuration to identify the IX40 authentication group or groups that the user is a member of.
For example, in
file is groupname, which is also the default setting in the IX40 configuration.
7. (Optional) For Service, type the value of the service attribute in the the TACACS+ server's
configuration. For example, in
the sample tac_plus.conf file is system, which is also the default setting in the IX40
configuration.
8. (Optional) Enable Command authorization, which instructs the device to communicate with
the TACACS+ server to determine if the user is authorized to execute a specific command. Only
the first configured TACACS+ server will be used for command authorization.
9. (Optional) Enable Command accounting, which instructs the device to communicate with the
TACACS+ server to log commands that the user executes. Only the first configured TACACS+
server will be used for command accounting.
10. Add TACACS+ to the authentication methods:
a. Click Authentication > Methods.
b. For Add method, click g .
c. Select TACACS+ for the new method from the Method drop-down.
Authentication methods are attempted in the order they are listed until an authentication
response, either pass or fail, is received. If Authoritative is enabled (see above), non-
authoritative methods are not attempted. See
methods
for information about rearranging the position of the methods in the list.
11. Click Apply to save the configuration and apply the change.
Command line
1. Select the device in Remote Manager and click Actions > Open Console, or log into the IX40
local command line as a user with full Admin access rights.
Depending on your device configuration, you may be presented with an Access selection
menu. Type admin to access the Admin CLI.
IX40 User Guide
Terminal Access Controller Access-Control System Plus (TACACS+)
TACACS+ user
configuration, the group attribute in the sample tac_plus.conf
TACACS+ user
configuration, the value of the service attribute in
Rearrange the position of authentication
744
Advertisement
Table of Contents
