EasyManua.ls Logo

Alcatel-Lucent OmniSwitch 6800 Series - Server Overview; Backup Authentication Servers; Authenticated Switch Access

Alcatel-Lucent OmniSwitch 6800 Series
926 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Managing Authentication Servers Server Overview
OmniSwitch 6800/6850/9000 Network Configuration Guide March 2008 page 25-5
Server Overview
Authentication servers are sometimes referred to as AAA servers (authentication, authorization, and
accounting). These servers are used for storing information about users who want to manage the switch
(Authenticated Switch Access) and users who need access to a particular VLAN or VLANs (Authenti-
cated VLANs).
RADIUS, TACACS +, or LDAP servers may be used for Authenticated Switch Access and/or Authenti-
cated VLANs. Another type of server, SecurID’s ACE/Server, may be used for authenticated switch
access only; the ACE/Server is an authentication-only server (no authorization or accounting). Only
RADIUS servers are supported for 802.1X Port-based Network Access Control.
The following table describes how each type of server may be used with the switch:
Backup Authentication Servers
Each RADIUS, TACACS+, and LDAP server may have one backup host (of the same type) configured
through the aaa radius-server, aaa tacacs+-server, and aaa ldap-server commands, respectively. In
addition, each authentication method (Authenticated Switch Access, Authenticated VLANs, or 802.1X)
may specify a list of backup authentication servers that includes servers of different types (if supported on
the feature).
The switch uses the first available authentication server to attempt to authenticate users. If user informa-
tion is not found on the first available server, the authentication attempts fails.
Authenticated Switch Access
When RADIUS, TACACS+, and/or LDAP servers are set up for Authenticated Switch Access, the switch
polls the server for user login information. The switch also polls the server for privilege information
(authorization) if it has been configured on the server; otherwise, the local user database is polled for the
privileges.
For RADIUS, TACACS+, and LDAP, additional servers may be configured as backups.
Server Type
Authenticated Switch
Access
Authenticated VLANs
802.1X Port-Based
Network Access Control
ACE/Server yes (except SNMP) no no
RADIUS yes (except SNMP) yes yes
TACACS+ yes (including SNMP) yes no
LDAP yes (including SNMP) yes no

Table of Contents

Other manuals for Alcatel-Lucent OmniSwitch 6800 Series

Preview: User Guide
User Guide32 pages
Preview: Management Guide
Management Guide292 pages
Preview: Getting Started Guide
Getting Started Guide32 pages

Related product manuals