Configuring The Tacacs+ Server For Single Login - HP ProCurve Switch 6120G/XG Manual
Hp procurve series 6120 blade switches access security guide
Hide thumbs
Also See for ProCurve Switch 6120G/XG:
- Configuration manual (662 pages) ,
- Manual (606 pages) ,
- Management manual (222 pages)
Table of Contents
Advertisement
Name
Default
enable
n/a
login <privilege-
privilege-mode
mode>
disabled
local
local
- or -
tacacs
local
none
- or -
none
num-attempts
3
Range
Function
n/a
Specifies the Manager (read/write) privilege level for the access
method being configured.
n/a
login: Specifies the Operator (read-only) privilege level for the
access method being configured.
The privilege-mode option enables TACACS+ for a single login. The
authorized privilege level (Operator or Manager) is returned to the
switch by the TACACS+ server.
n/a
Specifies the primary method of authentication for the access
method being configured.
local: Use the username/password pair configured locally in the
switch for the privilege level being configured
tacacs: Use a TACACS+ server.
n/a
Specifies the secondary (backup) type of authentication being
configured.
local: The username/password pair configured locally in the switch
for the
none: No secondary type of authentication for the specified
Note: If you do not specify this parameter in the command line, the
switch automatically assigns the secondary method as follows:
• If the primary method is
• If the primary method is
1 - 10
In a given session, specifies how many tries at entering the correct
username/password pair are allowed before access is denied and
the session terminated.
Configuring the TACACS+ Server for Single Login
In order for the single login feature to work correctly, you need to check some
entries in the User Setup on the TACACS+ server.
In the User Setup, scroll to the Advanced TACACS+ Settings section. Make
sure the radio button for "Max Privilege for any AAA Client" is checked and
the level is set to 15, as shown in Figure 4-4. Privileges are represented by the
numbers 0 through 15, with zero allowing only Operator privileges (and
requiring two logins) and 15 representing root privileges. The root privilege
level is the only level that will allow Manager level access on the switch.
privilege level being configured
method/privilege path. (Available only if the primary method of
authentication for the access being configured is local.)
tacacs
local
.
local
none
.
TACACS+ Authentication
Configuring TACACS+ on the Switch
, the only secondary method is
, the default secondary method is
4-13
Hide quick links:
Advertisement
Table of Contents
