Table of Contents
Advertisement
Configuring Security
Configuring TACACS+ Servers
STEP 4
Configuring TACACS+ Servers
STEP 1
STEP 2
Cisco 220 Series Smart Plus Switches Administration Guide Release 1.0.0.x
Click Apply. The user is added or modified, and the Running Configuration is
updated.
An organization can establish a Terminal Access Controller Access Control
System (TACACS+) server to provide centralied security for all of its devices. In
this way, authentication and authorization can be handled on a single server for all
devices in the organization.
The switch can act as a TACACS+ client that uses the TACACS+ server for the
following services:
•
Authentication—Provides authentication of administrators logging onto the
switch by using usernames and user-defined passwords.
•
Authorization—Performed at login. After the authentication session is
completed, an authorization session starts using the authenticated
username. The TACACS+ server then checks user privileges.
The TACACS+ protocol ensures network integrity, through encrypted protocol
exchanges between the device and the TACACS+ server.
TACACS+ is supported only with IPv4.
Some TACACS+ servers support a single connection that enables the device to
receive all information in a single connection. If the TACACS+ server does not
support this, the device reverts back to multiple connections.
Use the TACACS+ page to configure the TACACS+ servers. You can define the
default parameters, such as the key string used to encrypt communications with
the TACACS+ server. A user must be configured on the TACACS+ to have
privilege level 15 to be granted permission to administer the switch.
To define a TACACS+ server and default authentication parameters:
Click Security > TACACS+.
In the Use Default Parameters area, enter the following default TACACS+
parameters:
16
182
Advertisement
Table of Contents
