User authentication Terminal Access Controller Access-Control System Plus (TACACS+)
IX10 User Guide
709
4. Add TACACS+ servers:
a. For Add server, click .
b. For Hostname, type the hostname or IP address of the TACACS+ server.
c. (Optional) Change the default Port setting to the appropriate port. Normally this should
be left at the default setting of port 49.
d. For Secret, type the TACACS+ server's shared secret. This is configured in the key
parameter of the TACACS+ server's tac_plus.conf file, for example:
key = testing123
e. (Optional) Click again to add additional TACACS+ servers.
5. (Optional) Enable Authoritative to prevent other authentication methods from being
attempted if TACACS+ login fails.
6. (Optional) For Group attribute, type the name of the attribute used in the TACACS+ server's
configuration to identify the IX10 authentication group or groups that the user is a member of.
For example, in TACACS+ user configuration, the group attribute in the sample tac_plus.conf
file is groupname, which is also the default setting in the IX10 configuration.
7. (Optional) For Service, type the value of the service attribute in the the TACACS+ server's
configuration. For example, in TACACS+ user configuration, the value of the service attribute in
the sample tac_plus.conf file is system, which is also the default setting in the IX10
configuration.
8. (Optional) Enable Command authorization, which instructs the device to communicate with
the TACACS+ server to determine if the user is authorized to execute a specific command. Only
the first configured TACACS+ server will be used for command authorization.
9. (Optional) Enable Command accounting, which instructs the device to communicate with the
TACACS+ server to log commands that the user executes. Only the first configured TACACS+
server will be used for command accounting.
10. Add TACACS+ to the authentication methods:
a. Click Authentication > Methods.
b. For Add method, click .
To Next Page
Loading...
Need help?
General
