Dell Force10 S2410-01-10GE-24P - Page 136

Dell Force10 S2410-01-10GE-24P

306 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

136 | Providing User Access Security

www.dell.com | support.dell.com

TACACS would generally not be the last method specified, in order to avoid a situation where the final

authentication option depends on a server that might be offline. Generally, you would specify

local as the

final method. For example, in the command string “

authentication login listone tacacs

local”, “listone” is the name given to the method list, followed by the selected sequence of authentication

methods—“tacacs” and then “local”. For details on setting local passwords, see Creating a User and

Password on page 36.

TACACS+ includes a group of configurable settings that you can also leave in their default settings. You

can configure some global settings (for all TACACS+ servers), or you can configure settings at the

individual server level. See the Security chapter in the

FTOS Command Line Interface Reference for details on

global settings. See the following section, Configuring TACACS+ Server Connection Options on

page 137, for more on configuring one host.

To specify the IP address of the TACACS host, use the

tacacs-server host command in the Global Config

mode, as shown here. In this example, the user then changes the local timeout to 5 seconds:

Figure 9-97. Setting the IP Address of a TACACS+ Server

Figure 9-98. Display Settings for TACACS+ Server Connections

Figure 9-99 shows the creation of three user authentication method lists, each one with a different priority

sequence. The list called “one” sets TACACS+ as the second authentication method; list “two” defaults to

local authentication; list “three” sets TACACS+ as the first method.

Figure 9-99. Setting the Authentication Method with the authentication login Command

4

show tacacs Privileged

Exec

Verify the configuration and status of TACACS

servers (See Figure 9-98).

5

show authentication Privileged

Exec

Display the ordered authentication methods for all

authentication login lists.

Step Command Syntax

Command

Mode Purpose

Force10#config

Force10 (Config)#tacacs-server host 1.1.1.1

Force10 (Tacacs)#timeout 5

Force10 (Tacacs)#exit

Force10 (Config)#

Force10 #show tacacs

Global Timeout: 5

IP address Port Timeout Priority

--------------- ----- ------- --------

10.10.10.226 49 Global 0

10.16.1.58 49 Global 0

Force10_S50 (Config)#authentication login one local tacacs

Force10_S50 (Config)#authentication login two

Force10_S50 (Config)#authentication login three tacacs reject

Table of Contents

Other manuals for Dell Force10 S2410-01-10GE-24P

Command Reference514 pages

Quick Start Guide30 pages

Application Note6 pages

Related product manuals

Preview: Dell Force10 S25-01-GE-24P

Dell Force10 S25-01-GE-24P

Preview: Dell Force10 C150

Dell Force10 C150

Preview: Dell Force10 MXL Blade

Dell Force10 MXL Blade

Preview: Dell FORCE10 Open Automation

Dell FORCE10 Open Automation

Preview: Dell PowerEdge FX2

Dell PowerEdge FX2

Preview: Dell PowerEdge FC640

Dell PowerEdge FC640

Dell Precision FX100

Preview: Dell PowerEdge FC430

Dell PowerEdge FC430

Preview: Dell PowerEdge FC630

Dell PowerEdge FC630

Preview: Dell PowerEdge FC830

Dell PowerEdge FC830

Preview: Dell POWEREDGE R710

Dell POWEREDGE R710

Preview: Dell PowerEdge T110

Dell PowerEdge T110