Allied Telesis AR410 User Manual page 52

Ar400 series software release 2.7.1
In normal mode, a user with manager privilege can create and delete accounts
for users with any of these privilege levels. Users and passwords are managed
by the User Authentication Facility. Users and passwords are authenticated
using an internal database called the User Authentication Database, or by
interrogation of external RADIUS (Remote Authentication Dial In User Service) or
TACACS (Terminal Access Controller Access System) servers.
On the CLI, to use an account with manager privilege, log in to the account by
entering the command:
LOGIN
The router prompts you to enter a user name and password. To return to USER
mode, enter the command:
LOGOFF
Make sure that you do not leave a manager session unattended. Unauthorised
use of a manager session gives access to the User Authentication Database. To
reduce the risk of unauthorised activity, a subset of manager commands have a
security timer. These commands are shown in Table 4 on page 52. When you
enter one of these commands from a manager session, the security timer is
started and is then restarted each time you enter another of these commands. If
you enter one of these commands after the timer has expired, you are
prompted to re-enter the password. The secure delay timer is by default 60
seconds. If the password is not entered correctly the password prompt is
repeated a set number of times. If the correct password is still not entered a log
message is generated and the session is logged off.
The security timer enables a manager to make successive additions and
modifications to the database at one time without having to re-enter the
password for every command.
The security timer does not provide a foolproof security mechanism. Managers
should always attempt to log out of a manager session before leaving a
terminal unattended.
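
The timer behaviour described above, modelled as a small state machine in Python. This is an added illustration, not Allied Telesis code; the three-attempt limit, the reading that the first secure command starts the timer without a prompt, and the class and function names are assumptions.

```python
import hmac

# Commands from Table 4. Model of the manual's description, not router firmware.
SECURE_COMMANDS = ("ADD TACACS SERVER", "ADD USER", "DELETE TACACS SERVER",
                   "DELETE USER", "PURGE USER", "SET MANAGER PORT", "SET USER")
SECURE_DELAY = 60   # seconds: the default secure delay stated in the manual
MAX_ATTEMPTS = 3    # assumption: the manual says only "a set number of times"


class ManagerSession:
    """One logged-in manager session; `now` is a caller-supplied clock in seconds."""

    def __init__(self, password):
        self._password = password.encode()
        self._last_secure = None      # time of the last accepted secure command
        self.logged_in = True
        self.log = []

    def run(self, command, now, passwords=()):
        """Return 'ok', 'ok-reauth' or 'logged-off' for `command` at time `now`."""
        if not self.logged_in:
            return "logged-off"
        if not command.upper().startswith(SECURE_COMMANDS):
            return "ok"               # other commands neither check nor restart the timer
        result = "ok"
        if self._last_secure is not None and now - self._last_secure > SECURE_DELAY:
            # Timer expired: the password must be re-entered within MAX_ATTEMPTS tries.
            tries = [p.encode() for p in list(passwords)[:MAX_ATTEMPTS]]
            if not any(hmac.compare_digest(p, self._password) for p in tries):
                self.log.append(f"t={now}: re-authentication failed, session logged off")
                self.logged_in = False
                return "logged-off"
            result = "ok-reauth"
        self._last_secure = now       # timer starts or restarts on every secure command
        return result


def sliding_window_demo():
    """Constructed timeline showing that the 60 s window slides with each command."""
    s = ManagerSession("constructed-password")
    results = [
        s.run("ADD USER", now=0),       # starts the timer
        s.run("SET USER", now=50),      # inside the window, restarts the timer
        s.run("DELETE USER", now=105),  # 105 s after the first command, still no prompt
        s.run("ADD USER", now=170, passwords=["a", "b", "c"]),  # expired, wrong password
    ]
    return results, s.logged_in, s.log
```

The third call shows why the manual says the timer is not foolproof: each secure command restarts the delay, so a session left open stays unprompted for up to 60 seconds after the last one.
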
Table 4: Secure commands controlled by the security timer.

Command                 Description
ADD TACACS SERVER       Adds a TACACS server to the list of TACACS servers used for user authentication.
ADD USER                Adds a user to the User Authentication Database.
DELETE TACACS SERVER    Deletes a TACACS server from the list of TACACS servers used for user authentication.
DELETE USER             Deletes a user from the User Authentication Database.
PURGE USER              Deletes all users except MANAGER from the User Authentication Database.
SET MANAGER PORT        Assigns a port semipermanent MANAGER privilege.
SET USER                Modifies a user record in the User Authentication Database.

If the router is operating in security mode, the manager must also log in to a user
account with SECURITY OFFICER privilege in order to execute any of the commands
listed in Table 4 on page 52.

AR400 Series Router User Guide
Software Release 2.7.1
C613-02021-00 REV F


This manual is also suitable for: Ar441s, Ar450s, Ar440s
