
Tacacs+ Flow; Tacacs+ Packet - GE MULTILINK ML2400 Instruction Manual

Ethernet communications switch.

ACCESS USING TACACS+

8.1.2 TACACS+ Flow

8.1.3 TACACS+ Packet
TACACS works in conjunction with the local user list on the ML2400 software (operating
system). Please refer to User Management on page 1–14 for adding users on the MultiLink
Switch Software. The process of authentication as well as authorization is shown in the
flow chart below.
[Flowchart image not reproduced; labels recovered from this part of it: Is User Manager?; Login as Manager; Login as Operator; Logout]
FIGURE 8–1: TACACS Authorization Flowchart
The above flow diagram shows the tight integration of TACACS+ authentication with the
local user-based authentication. There are two stages a user goes through in TACACS+. The
first stage is authentication where the user is verified against the network user database.
The second stage is authorization, where it is determined whether the user has operator
access or manager privileges.
Packet encryption is supported and is a configurable option for the ML2400 software.
When encryption is enabled, all authentication and authorization TACACS+ packets are
encrypted and are not readable by protocol capture and sniffing tools such as Ethereal.
Packet data is hashed using MD5 and a secret string shared between the
MultiLink switches and the TACACS+ server.
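The following added example (not code from the GE manual or the ML2400 firmware) shows how standard TACACS+ body obfuscation uses MD5 and the shared secret, as specified in RFC 8907 section 4.5. It assumes the switch follows that standard scheme; the key, session ID and body bytes are constructed sample values.

```python
import hashlib
import struct

TAC_PLUS_UNENCRYPTED_FLAG = 0x01   # header flag: body is sent in the clear
HEADER = struct.Struct("!BBBBII")  # version, type, seq_no, flags, session_id, length

def pseudo_pad(session_id, key, version, seq_no, length):
    """MD5 pad chain: MD5_1 = MD5(session_id, key, version, seq_no),
    MD5_n = MD5(session_id, key, version, seq_no, MD5_{n-1})."""
    seed = struct.pack("!I", session_id) + key + bytes([version, seq_no])
    pad, block = b"", b""
    while len(pad) < length:
        block = hashlib.md5(seed + block).digest()
        pad += block
    return pad[:length]

def xor_body(body, session_id, key, version, seq_no):
    """Obfuscate or de-obfuscate a body (XOR with the pad is its own inverse)."""
    pad = pseudo_pad(session_id, key, version, seq_no, len(body))
    return bytes(b ^ p for b, p in zip(body, pad))

def build_packet(body, key, session_id, seq_no=1, ptype=1, version=0xC0, encrypt=True):
    """Build header + body; ptype 1 is authentication, 0xC0 is major version 0xC."""
    flags = 0 if encrypt else TAC_PLUS_UNENCRYPTED_FLAG
    wire = xor_body(body, session_id, key, version, seq_no) if encrypt else body
    return HEADER.pack(version, ptype, seq_no, flags, session_id, len(wire)) + wire

def read_packet(packet, key):
    """Return the body as the receiving side would recover it."""
    version, ptype, seq_no, flags, session_id, length = HEADER.unpack_from(packet)
    body = packet[HEADER.size:HEADER.size + length]
    if flags & TAC_PLUS_UNENCRYPTED_FLAG:
        return body  # readable by any capture tool on the path
    return xor_body(body, session_id, key, version, seq_no)

# Constructed sample values (not from the manual or any real device).
KEY = b"constructed-shared-secret"
SESSION_ID = 0x1A2B3C4D
BODY = b"constructed authentication body: user=operator1"

if __name__ == "__main__":
    protected = build_packet(BODY, KEY, SESSION_ID)
    clear = build_packet(BODY, KEY, SESSION_ID, encrypt=False)
    print("body visible on the wire (encrypted):  ", BODY in protected)
    print("body visible on the wire (unencrypted):", BODY in clear)
    print("decoded with shared secret:", read_packet(protected, KEY))
    print("decoded with wrong secret: ", read_packet(protected, b"wrong"))
```

The pad depends only on header fields visible in a capture plus the shared secret, so the confidentiality of the packet body rests entirely on the secrecy and strength of that string.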
MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH – INSTRUCTION MANUAL
[Figure 8–1 flowchart image not reproduced; labels recovered from it: Start; Login; User in Local User List?; TACACS+ Enabled?; Connect to TACACS server to authenticate; Authenticated; Authentication failure; Connection failure; Additional Servers?; TACACS+ authorization; Authorized as Operator or Authorization failure; Authorized as Manager; Login as Manager; Logout]
