DES-3550 Layer 2 Fast Ethernet Switch User’s Guide
122
Retransmit(1-255) Enter the value in the retransmit field to change how many times the
device will resend an authentication request when the TACACS
server does not respond.
Key
Authentication key to be shared with a configured TACACS+ server
only. Specify an alphanumeric string up to 254 characters.
Click Apply to add the server host.
Login Method Lists
This command will configure a user-defined or default Login Method List of authentication
techniques for users logging on to the Switch. The sequence of techniques implemented in this
command will affect the authentication result. For example, if a user enters a sequence of
techniques, for example TACACS – XTACACS– local, the Switch will send an authentication
request to the first TACACS host in the server group. If no response comes from the server
host, the Switch will send an authentication request to the second tacacs host in the server
group and so on, until the list is exhausted. At that point, the Switch will restart the same
sequence with the following protocol listed, XTACACS. If no authentication takes place using
the XTACACS list, the local account database set in the Switch is used to authenticate the user.
When the local method is used, the privilege level will be dependant on the local account
privilege configured on the Switch.
Successful login using any of these techniques will give the user a “user” privilege only. If the
user wishes to upgrade his or her status to the administrator level, the user must use the
Enable Admin window, in which the user must enter a previously configured password, set by
the administrator. (See the Enable Admin part of this section for more detailed information
concerning the Enable Admin command.)
To view the following screen click Management > Access Authentication Control > Login
Method Lists:
Figure 7- 11. Login Method Lists Settings window
The Switch contains one Method List that is set and cannot be removed, yet can be modified.
To delete a
Login Method List
defined by the user, click the
under the
Delete
heading
corresponding to the entry desired to be deleted. To modify a Login Method List, click on its
hyperlinked Method List Name. To configure a Method List, click the Add button.
Both actions will result in the same screen to configure:
NOTE: More than one authentication protocol can be run on the
same physical server host but, remember that
TACACS/XTACACS/TACACS+ are separate entities and are not
compatible with each other.
To Next Page
Loading...
