Authentication Server Settings - D-Link DES-3528 - xStack Switch - Stackable Reference Manual

xStack® DES-3528/DES-3552 Series Layer 2 Stackable Fast Ethernet Managed Switch Web UI Reference Guide
NOTE: The user must configure Authentication Server Hosts using the Authentication Server Hosts
window before adding hosts to the list. Authentication Server Hosts must be configured for their
specific protocol on a remote centralized server before this function can work properly.
NOTE: The three built-in server groups can only have server hosts running the same TACACS daemon.
TACACS/XTACACS/TACACS+ protocols are separate entities and are not compatible with each
other.

Authentication Server Settings

User-defined Authentication Server Hosts for the TACACS / XTACACS / TACACS+ / RADIUS security protocols can
be set on the Switch. When a user attempts to access the Switch with Authentication Policy enabled, the Switch will
send authentication packets to a remote TACACS / XTACACS / TACACS+ / RADIUS server host on a remote host.
The TACACS / XTACACS / TACACS+ / RADIUS server host will then verify or deny the request and return the
appropriate message to the Switch. More than one authentication protocol can be run on the same physical server host
but, remember that TACACS / XTACACS / TACACS+ / RADIUS are separate entities and are not compatible with
each other. The maximum supported number of server hosts is 16.
To view this window, click Security > Access Authentication Control > Authentication Server Settings, as shown
below:
The fields that can be configured are described below:
Parameter
IP Address
Protocol
Key (Max: 254
characters)
Port (1-65535)
Timeout (1-255)
Retransmit (1-20)
Click the Apply button to accept the changes made.
Figure 8-65 Authentication Server Settings window
Description
The IP address of the remote server host to add.
The protocol used by the server host. The user may choose one of the following:
TACACS - Enter this parameter if the server host utilizes the TACACS protocol.
XTACACS - Enter this parameter if the server host utilizes the XTACACS protocol.
TACACS+ - Enter this parameter if the server host utilizes the TACACS+ protocol.
RADIUS - Enter this parameter if the server host utilizes the RADIUS protocol.
Authentication key to be shared with a configured TACACS+ or RADIUS servers only.
Specify an alphanumeric string up to 254 characters.
Enter a number between 1 and 65535 to define the virtual port number of the
authentication protocol on a server host. The default port number is 49 for
TACACS/XTACACS/TACACS+ servers and 1813 for RADIUS servers but the user
may set a unique port number for higher security.
Enter the time in seconds the Switch will wait for the server host to reply to an
authentication request. The default value is 5 seconds.
Enter the value in the retransmit field to change how many times the device will resend
an authentication request when the TACACS server does not respond.
261