EasyManua.ls Logo

Allied Telesis SwitchBlade x3100 Series - Configuring a Tacacs+ Server

Allied Telesis SwitchBlade x3100 Series
940 pages
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Introduction Configuring a TACACS+ Server
Software Reference for SwitchBlade x3100 Series Switches (Access and Security)
6-78
6.8.3 Configuring a TACACS+ Server
6.8.3.1 Default Configuration
When an SBx3112 switch is initially booted up, there is no TACACS+ server configured.
6.8.3.2 Configuration Guidelines
TACACS+ users have a security level of 1 to 15; for the SBx3112, 1 corresponds with User, 7 with Manager,
and 15 with Security Officer. Therefore, the Network Access product users “manager” and “securityofficer”
correspond to the TACACS+ users “$enab7$” and “$enab15$”. If these are not configured in TACACS+, then
TACACS+ will refuse the authentication when a user tries the command “Enable manager/securityofficer”.
Also, the syntax of this command depends on the level of the user; someone at the User level will have both
manager/securityofficer as options while someone at the Manager level will have only securityofficer available (if
they are data filled at the TACACS+ server).
6.8.3.3 Configuration Procedure
The following procedure shows the commands used to set up a TACACS+ server.
TABLE 6-17 Configuration Procedure for TACACS+
Step Command Description
Add a TACACS+ server. Status of Enabled, Port of 49, Retries of 3, and Timeout of 5 are all default settings.
1
ADD TACPLUS SERVER 10.10.10.20
Show the TACACS+ server status. The default status of TACACS+ server is Enabled. The default settings for Port,
Retries, and Timeout are 49, 3 and 5, respectively.
2
SHOW TACPLUS
--- TACACS+ -------------------------------------------------------------------
Auth Mode............................. Login
-------------------------------------------------------------------------------
--- TACACS+ Servers -----------------------------------------------------------
Acct
Hostname/IP Address Status Pri Port Port Retries Timeout Function
------------------- -------- ---- ----- ----- ------- ------- ----------------
10.10.10.20 Enabled 1 49 1813 3 5
Add a shared key
3
ADD TACPLUS SERVER 10.10.10.20 KEY MEOW
Enable authentication
4
SET TACPLUS SERVER 10.10.10.20 AUTHENTICATION ON

Table of Contents

Related product manuals