SecureStack C2 Configuration Guide 23-1
23
Authentication and Authorization
Configuration
Thischapterdescribestheauthenticationandauthorizationcommandsandhowtousethem.
Overview of Authentication and Authorization Methods
Thefollowingmethodsareavailableforcontrollingwhichusersareallowedtoaccess,monitor,
andmanagetheswitch.
•Loginuseraccountsandpasswords–usedtologintotheCLIviaaTelnetconnectionorlocal
COMportconnection.Fordetails,referto“SettingUserAccountsandPasswords”on
page 3‐2.
•HostAccessControlAuthentication(HACA)–authenticatesuseraccessofTelnet
management,consolelocalmanagementandWebViewviaacentralRADIUSClient/Server
application.WhenRADIUSisenabled,thisessentiallyoverridesloginuseraccounts.When
HACAisactiveperavalidRADIUSconfiguration,theusernamesandpasswordsusedto
accesstheswitchviaTelnet,SSH,WebView,andCOMportswillbevalidatedagainstthe
configuredRADIUSserver.OnlyinthecaseofaRADIUStimeoutwillthosecredentialsbe
comparedagainstcredentialslocallyconfiguredontheswitch.
Fordetails,referto
“ConfiguringRADIUS”onpage 23‐3.
•SNMPuserorcommunitynames–allowsaccesstotheSecureStackC2switchviaanetwork
SNMPmanagementapplication.Toaccesstheswitch,youmustenteranSNMPuseror
communitynamestring.Thelevelofmanagementaccessisdependenton
theassociated
accesspolicy.Fordetails,refertoChapter 8.
For information about... Refer to page...
Overview of Authentication and Authorization Methods 23-1
Configuring RADIUS 23-3
Configuring 802.1X Authentication 23-11
Configuring MAC Authentication 23-21
Configuring Multiple Authentication Methods 23-33
Configuring VLAN Authorization (RFC 3580) 23-45
Configuring MAC Locking 23-50
Configuring Port Web Authentication (PWA) 23-61
Configuring Secure Shell (SSH) 23-73
Configuring Access Lists 23-75
To Next Page
Loading...
Need help?
General