EasyManuals Logo

EnerSys Alpha Cordex CXC HP User Manual

EnerSys Alpha Cordex CXC HP
279 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #218 background imageLoading...
Page #218 background image
Cordex®CXCHPControllerSoftwareManual|20-Maintainingthecontroller
Test TACACS+ Server Settings: ProvidesachecktodetermineifthebasicTACACS+
configurationissetcorrectly.Thisfeatureadditionallycompletesatrialauthenticationrequestto
ensureitcancontacttheTACACS+server.
Network: OperatesontheTransmissionControlProtocol(TCP).
Notice: The Test TACACS+ Server Settings feature cannot determine if the Attribute Name and
Group Attribute values are spelled correctly since these are set on the TACACS+ server side.
How TACACS+ authentication works
WhenauserlogsinwhentheRemote Authentication Type fieldissettoTACACS+ (RADIUS is
disabled) onthecontroller,thecontrollerwillbegincommunicationwiththeTACACS+server.Apacket
bodycontainingtheuserscredentialswillfirstbeencryptedandsenttotheserver;dependingonthe
TACACS+ Encryption Protocol selected,theremaybemultiplemessagessentbetweenthecontroller
andtheTACACS+server.
IftheTACACS+severauthenticatestheuser,thecontrollerwillthensendaTACACS+Authorization
request.Atthispoint,theTACACS+serverwillrespondwithanyAttribute-Valuepairsthataresetwithin
theserverconfiguration.IfanyofthesepairsmatchtheAttribute Name andoneoftheGroup Attribute
Values oftheUserRolesConfigurationtable,thecontrollerwillassigntherespectiveuserprivilegeand
proceedtologtheuserin.Iftherearenomatches,theuserisdeniedaccess.IftwoormoreGroup
Attribute Values areassignedthesamevalue,thecontrollerwillassignthefirstmatchinguserroleinthe
followingorder:AdminUserRole,thenAccountsUserRole,thenOperatorUserRole,thenRestricted
OperatorUserRole,thenGuestUserRole.
Uponasuccessfullogin,theencryptedusercredentialsaresavedinthecontrollerscache.Thiscanbe
usedifthereisasituationwheretheTACACS+Serverisunavailable.
ThefollowingTACACS+serversettingscanbeconfigured:
Remote Authentication Type: WhensettoTACACS+ (RADIUS is Disabled),usersareallowed
tobeauthenticatedbyaTACACS+server.
TACAS+ Authentication Server Address: TheDNSnameortheIPv4/IPv6addressforthe
TACAS+server.
TACAS+ Authentication Server Port: Thedefaultportis49.
TACAS+ Timeout: Thetime,inseconds,thatthecontrollerwaitsforaresponsefromtheTACAS+
server.
TACAS+ Encryption Protocol: Theauthenticationmethodusedbythecontrollertoencrypt
TACACS+packetbodies.ThisiseitherPasswordAuthenticationProtocol(PAP),Challenge-
HandshakeAuthenticationProtocol(CHAP),orASCIIauthentication.
TACACS+ Server Secret Key: ThesecretkeystoredonboththecontrollerandtheTACACS+
server.SetthisvaluebyusingtheSet Shared Secret button.Youcancleartheconfiguredshared
secretbyusingtheClear Shared Secret button.
0350058-J0 Rev AL Page 217

Table of Contents

Other manuals for EnerSys Alpha Cordex CXC HP

Preview: Integrator Guide
Integrator Guide48 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the EnerSys Alpha Cordex CXC HP and is the answer not in the manual?

EnerSys Alpha Cordex CXC HP Specifications

General IconGeneral
BrandEnerSys
ModelAlpha Cordex CXC HP
CategoryController
LanguageEnglish