Configuring Security
TACACS+ Configuration
Cisco Small Business 300 Series Managed Switch Administration Guide 195
16
• Password Aging Time—Enter the number of days that can elapse before
the user must change the password. The default is 180 days.
STEP 4 Click Apply. The password settings are set, and the switch is updated.
TACACS+ Configuration
The switch is a Terminal Access Controller Access Control System (TACACS+)
client that relies on a TACACS+ server to provide centralized security, authorizing
and authenticating users attempting to access and administer the switch.
TACACS+ provides the following services:
• Authentication—Provides authentication of administrators logging onto the
switch by using usernames and user-defined passwords.
• Authorization—Performed at login. After the authentication session is
completed, an authorization session starts using the authenticated
username. The TACACS+ server then checks user privileges.
The TACACS+ protocol ensures network integrity, through encrypted protocol
exchanges between the device and the TACACS+ server.
TACACS+ is supported only with IPv4.
TACACS+ servers cannot be used as 802.1X authentication servers to verify
credentials of network users trying to join the networks through the switch.
Some TACACS+ servers support a single connection that enables the device to
receive all information in a single connection. If the TACACS+ server does not
support this, the device reverts back to multiple connections.
To Next Page
Loading...
