Foundry Networks Switch and Router Installation And Configuration Manual page 95

you want to use multiple authentication methods, make sure you enter the primary authentication method
first, the secondary authentication method second, and so on.
If you need to delete an entry, select the access type and authentication method for the entry, then click
Delete.
20. Click Home to return to the System configuration panel, then select the Save link at the bottom of the dialog.
Select Yes when prompted to save the configuration change to the startup-config file on the device's flash
memory.
21. To configure TACACS+ authorization, select the Management link to display the Management panel and
select the Authorization Methods link to display the Authorization Method panel, as shown in the following
example.
22. To configure TACACS+ exec authorization, select Exec from the Type field's pulldown menu.
23. To configure TACACS+ command authorization, select Commands from the Type field's pulldown menu and
select a privilege level by clicking on one of the following radio buttons:
• 0 – Authorization is performed for commands available at the Super User level (all commands)
• 4 – Authorization is performed for commands available at the Port Configuration level (port-config and
read-only commands)
• 5 – Authorization is performed for commands available at the Read Only level (read-only commands)
NOTE: TACACS+ command authorization is performed only for commands entered from Telnet or SSH
sessions. No authorization is performed for commands entered at the console, the Web management
interface, or IronView.
24. Click on the radio button next to TACACS+.
25. Click the Add button to save the change to the device's running-config file.
The authorization method you selected are displayed in the table at the top of the dialog. Each time you add
an authorization method for a given access type, the software assigns a sequence number to the entry.
When authorization is performed, the software tries the authorization sources in ascending sequence order
until the request is either approved or denied. Each time you add an entry for a given access type, the
software increments the sequence number. Thus, if you want to use multiple authentication methods, make
December 2000
Securing Access to Management Functions
3 - 31