Setting Up Security Attributes
Page 46 7705 SAR OS System Management Guide
Setting Up Security Attributes
Table 4 depicts the capabilities of authentication, authorization, and accounting
configurations. For example, authentication can be enabled locally and on RADIUS and
TACACS+ servers. Authorization can be executed locally, on a RADIUS server, or on a
TACACS+ server. Accounting can be performed on a RADIUS or TACACS+ server.
Configuring Authentication
Refer to the following sections to configure authentication:
• Local authentication
→ Configuring Password Management Parameters on page 54
→ Configuring Profiles on page 55
→ Configuring Users on page 56
• RADIUS authentication (with local authorization)
By default, authentication is enabled locally. Perform the following tasks to
configure security on each participating 7705 SAR router:
→ Configuring Profiles on page 55
→ Configuring RADIUS Authentication on page 63
→ Configuring Users on page 56
• RADIUS authentication (with RADIUS authorization)
To implement RADIUS authentication with authorization, perform the following
tasks on each participating 7705 SAR router:
→ Configuring RADIUS Authentication on page 63
→ Configuring RADIUS Authorization on page 64
Table 4: Security Configuration Requirements
Authentication Authorization Accounting
Local Local None
RADIUS Local and RADIUS RADIUS
TACACS+ Local and TACACS+ TACACS+
To Next Page
Loading...
