Tacacs+ Server Configuration - HP 445860-B21 - 10Gb Ethernet BL-c Switch Command Reference Manual

Hp 10gb ethernet bl-c switch command reference guide

Hide thumbs Also See for 445860-B21 - 10Gb Ethernet BL-c Switch:

Reference manual (262 pages)

User manual (60 pages)

Application manual (198 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

page of 224

/ 224
Contents
Table of Contents
Bookmarks

Table of Contents

Table 81

RADIUS Server Configuration Menu options

Command

off

cur

IMPORTANT:

via the console or Telnet/SSH/HTTP/HTTPS. Backdoor for console is always enabled, so you can

connect using noradius and the administrator password even if the backdoor (telnet) or secure

backdoor (secbd) are disabled.

If Telnet backdoor is enabled (telnet ena), type in noradius as a backdoor to bypass RADIUS

checking, and use the administrator password to log into the switch. The switch allows this even if

RADIUS servers are available.

If secure backdoor is enabled (secbd ena), type in noradius as a backdoor to bypass RADIUS

checking, and use the administrator password to log into the switch. The switch allows this only if

RADIUS servers are not available.

TACACS+ server configuration

Command: /cfg/sys/tacacs+

[TACACS+ Server Menu]

prisrv

secsrv

secret

secret2 - Set secret for secondary TACACS+ server

port

retries - Set number of TACACS+ server retries

timeout - Set timeout value of TACACS+ server retries

bckdoor - Enable/disable TACACS+ back door for telnet/ssh/http/https

secbd

cmap

usermap - Set user privilege mappings

off

cur

TACACS+ (Terminal Access Controller Access Control System) is an authentication protocol that allows a

remote access server to forward a user's logon password to an authentication server to determine whether

access can be allowed to a given system. TACACS+ and Remote Authentication Dial-In User Service

(RADIUS) protocols are more secure than the TACACS encryption protocol. TACACS+ is described in RFC

1492.

TACACS+ protocol is more reliable than RADIUS, as TACACS+ uses the Transmission Control Protocol

(TCP) whereas RADIUS uses the User Datagram Protocol (UDP). Also, RADIUS combines authentication

and authorization in a user profile, whereas TACACS+ separates the two operations.

Description

Enables the RADIUS server.

Disables the RADIUS server. This is the default.

Displays the current RADIUS server parameters.

If RADIUS is enabled, you must login using RADIUS authentication when connecting

- Set IP address of primary TACACS+ server

- Set IP address of secondary TACACS+ server

- Set secret for primary TACACS+ server

- Set TACACS+ port number

- Enable/disable TACACS+ secure backdoor for telnet/ssh/http/https

- Enable/disable TACACS+ new privilege level mapping

- Enable TACACS+ authentication

- Disable TACACS+ authentication

- Display current TACACS+ settings

Configuration Menu

118

Table of Contents

Tacacs+ Server Configuration - HP 445860-B21 - 10Gb Ethernet BL-c Switch Command Reference Manual

TACACS+ server configuration

Related Manuals for HP 445860-B21 - 10Gb Ethernet BL-c Switch

Related Content for HP 445860-B21 - 10Gb Ethernet BL-c Switch

Table of Contents