Version 6.6 381 October 2014
Installation & Operation Manual 33. Configuring Security Settings
Table 33-17: TACACS+ Settings
Parameter Name Type Provisioning
Type
Description
Skip AAA Validation
For Special Users
Enum
Disable, Enable
Instant Defines whether authentication for
task-critical (root and ems) users is
peformed using the local user
database or via the centralized
authentication server.
Disable – root and ems users
are authenticated via the
centralized TACACS+ server (like
any other CLI user)
Enable – root and ems users are
authenticated using the local user
database on SC boards.
AAA
Server
Conne
ction
Timeou
t
Integer
0 – 60
Instant Defines the maximum time (in
seconds) that the Media Gateway
awaits response from the currently
active TACACS+ server prior to
falling back to the redundant server.
Note, that the actual "failed server
detection" time is typically much
lower – e.g. failure in TCP/IP
connection establishment typically
takes less than 1 second.
AAA Active Server Integer
1 – 3
Instant Indicates the currently active
TACACS+ server. May be also used
to force the Media GatewayMedia
Gateway to work with the specific
TACACS+ server (assuming that the
server is available).
AAA Cache Password
Expiration
Integer
0 – 90
Instant Defines the expiration time for
"cached" entries in the local user
database.
For example, when set to 30, after a
successful login to the Mediant 8000
the CLI username and password are
"cached" for 1 month. In case of
network outage, within this period, a
specific user will be able to login into
the Gateway CLI using the same
credentials.
Value 0 disables the local cache
feature. Note, however, that in this
case access to the Gateway CLI will
To Next Page
Loading...
