Security
Management Access Authentication
Cisco 500 Series Stackable Managed Switch Administration Guide 450
21
• Interface—Enter the interface number.
• Applies to Source IP Address—Select the type of source IP address to
which the access profile applies. The Source IP Address field is valid for a
subnetwork. Select one of the following values:
- All—Applies to all types of IP addresses.
- User Defined—Applies to only those types of IP addresses defined in
the fields.
• IP Version—Select the supported IP version of the source address: IPv6 or
IPv4.
• IP Address—Enter the source IP address.
• Mask—Select the format for the subnet mask for the source IP address, and
enter a value in one of the field:
- Network Mask—Select the subnet to which the source IP address
belongs and enter the subnet mask in dotted decimal format.
- Prefix Length—Select the Prefix Length and enter the number of bits that
comprise the source IP address prefix.
STEP 5 Click Apply, and the rule is added to the access profile.
Management Access Authentication
You can assign authorization and authentication methods to the various
management access methods, such as SSH, console, Telnet, HTTP, and HTTPS.
The authentication can be performed locally or on a TACACS+ or RADIUS server.
If authorization is enabled, both the identity and read/write privileges of the user
are verified. If authorization is not enabled, only the identity of the user is verified.
The authorization/authentication method used is determined by the order that the
authentication methods are selected. If the first authentication method is not
available, the next selected method is used. For example, if the selected
authentication methods are RADIUS and Local, and all configured RADIUS servers
are queried in priority order and do not reply, the user is authorized/authenticated
locally.
To Next Page
Loading...
