EasyManua.ls Logo

Cyclades AlterPath ACS - Group Authorization on TACACS

Cyclades AlterPath ACS
398 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Security Menu & Forms
230
3
To apply “Authorization” in addition to authentication to the box and ports,
select the “Enable Raccess Authorization” check box.
By default “Raccess Authorization” is disabled, and no additional
authorization is implemented. When “Raccess Authorization” is enabled,
the authorization level of users trying to access ACS or its ports using
TACACS+ authentication is checked. Users with administrator privileges
have administrative access, and users with regular user privileges have
regular user access.
4 To specify a time out period in seconds for each authentication attempt, type a
number in the “Timeout” field.
If the authentication server does not respond to the client’s login attempt
before the specified time period, the login attempt is cancelled. The user may
retry depending on the number specified in the “Retries” field on this form.
5 To specify a number of times the user can request authentication verification
from the server before sending an authentication failure message to the user,
enter a number in the “Retries” field.
6 Click “apply changes.”
The changes are stored in /etc/tacplus.conf on the ACS.
Group Authorization on TACACS+
Using an authorization method in addition to authentication provides an extra
level of system security. Selecting Security > Authentication > TACACS+ in
Expert mode brings up the TACACS+ form where an administrators can
configure a TACACS+ authentication server and can also enable user
authorization checking.
By checking the “Enable Raccess Authorization” check box, an additional
level of security checking is implemented. After each user is successfully
authenticated through the standard login procedure, the ACS uses TACACS+
to authorize whether or not each user/group is allowed to access specific serial
ports.
By default the “Enable Raccess Authorization” is disabled allowing all users
full authorization. When this feature is enabled by placing a check mark in the
box, users/groups are denied access unless they have the proper authorization,
which must be set on the TACACS+ authentication server itself. To see the

Table of Contents

Other manuals for Cyclades AlterPath ACS

Preview: Command Reference Guide
Command Reference Guide420 pages

Related product manuals