HP PROCURVE 6208M-SX Installation And Getting Started Manual page 79

Hewlett-packard switch user manual
Hide thumbs Also See for PROCURVE 6208M-SX:
Table of Contents

Advertisement

Installation and Getting Started Guide
Timeout – This parameter specifies how many seconds the HP device waits for a response from a TACACS/
TACACS+ server before either retrying the authentication request, or determining that the TACACS/
TACACS+ servers are unavailable and moving on to the next authentication method in the authentication­
method list. The timeout can be from 1 – 15 seconds. The default is 3 seconds.
Setting the TACACS+ Key
The key parameter in the tacacs-server command is used to encrypt TACACS+ packets before they are sent
over the network. The value for the key parameter on the HP device should match the one configured on the
TACACS+ server. The key can be from 1 – 32 characters in length.
NOTE: The tacacs-server key command applies only to TACACS+ servers, not to TACACS servers. If you are
configuring TACACS, do not configure a key on the TACACS server and do not enter a key on the HP device.
To specify a TACACS+ server key:
HP9300(config)# tacacs-server key rkwong
Syntax: tacacs-server key <key-string>
Setting the Retransmission Limit
The retransmit parameter specifies how many times the HP device will resend an authentication request when
the TACACS/TACACS+ server does not respond. The retransmit limit can be from 1 – 5 times. The default is 3
times.
To set the TACACS/TACACS+ retransmit limit:
HP9300(config)# tacacs-server retransmit 5
Syntax: tacacs-server retransmit <number>
Setting the Dead Time Parameter
The dead-time parameter specifies how long the HP device waits for the primary authentication server to reply
before deciding the server is dead and trying to authenticate using the next server. The dead-time value can be
from 1 – 5 seconds. The default is 3 seconds.
To set the TACACS/TACACS+ dead-time value:
HP9300(config)# tacacs-server dead-time 5
Syntax: tacacs-server dead-time <number>
Setting the Timeout Parameter
The timeout parameter specifies how many seconds the HP device waits for a response from the TACACS/
TACACS+ server before either retrying the authentication request, or determining that the TACACS/TACACS+
server is unavailable and moving on to the next authentication method in the authentication-method list. The
timeout can be from 1 – 15 seconds. The default is 3 seconds.
HP9300(config)# tacacs-server timeout 5
Syntax: tacacs-server timeout <number>
Configuring Authentication-Method Lists for TACACS/TACACS+
You can use TACACS/TACACS+ to authenticate Telnet/SSH access and access to Privileged EXEC level and
CONFIG levels of the CLI. When configuring TACACS/TACACS+ authentication, you create authentication­
method lists specifically for these access methods, specifying TACACS/TACACS+ as the primary authentication
method.
Within the authentication-method list, TACACS/TACACS+ is specified as the primary authentication method and
up to six backup authentication methods are specified as alternates. If TACACS/TACACS+ authentication fails
due to an error, the device tries the backup authentication methods in the order they appear in the list.
3 - 22

Advertisement

Table of Contents
loading

This manual is also suitable for:

Procurve 1600m

Table of Contents