Chapter 12
| Security Measures
AAA Authorization and Accounting
– 253 –
Command Usage
â—† If a remote authentication server is used, you must specify the message
exchange parameters for the remote authentication protocol. Both local and
remote logon authentication control management access via the console port,
web browser, or Telnet.
â—† RADIUS and TACACS+ logon authentication assign a specific privilege level for
each user name/password pair. The user name, password, and privilege level
must be configured on the authentication server. The encryption methods
used for the authentication process must also be configured or negotiated
between the authentication server and logon client. This switch can pass
authentication messages between the server and client that have been
encrypted using MD5 (Message-Digest 5), TLS (Transport Layer Security), or
TTLS (Tunneled Transport Layer Security).
Parameters
These parameters are displayed:
Configure Server
â—† RADIUS
â–
Global – Provides globally applicable RADIUS settings.
â–
Server Index – Specifies one of five RADIUS servers that may be
configured. The switch attempts authentication using the listed sequence
of servers. The process ends when a server either approves or denies access
to a user.
â–
Server IP Address – Address of authentication server.
(A Server Index entry must be selected to display this item.)
â–
Accounting Server UDP Port – Network (UDP) port on authentication
server used for accounting messages.
(Range: 1-65535; Default: 1813)
â–
Authentication Server UDP Port – Network (UDP) port on authentication
server used for authentication messages.
(Range: 1-65535; Default: 1812)
â–
Authentication Timeout – The number of seconds the switch waits for a
reply from the RADIUS server before it resends the request.
(Range: 1-65535; Default: 5)
â–
Authentication Retries – Number of times the switch tries to authenticate
logon access via the authentication server. (Range: 1-30; Default: 2)
â–
Set Key – Mark this box to set or modify the encryption key.
To Next Page
Loading...
Need help?
General
