EasyManuals Logo

Foundry Networks Switch and Router User Manual

Default Icon
1070 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #84 background imageLoading...
Page #84 background image
Foundry Switch and Router Installation and Configuration Guide
3 - 20 December 2000
When TACACS+ command authorization takes place, the following events occur:
1. A Telnet, SSH, or Web management interface user previously authenticated by a TACACS+ server enters a
command on the Foundry device.
2. The Foundry device looks at its configuration to see if the command is at a privilege level that requires
TACACS+ command authorization.
3. If the command belongs to a privilege level that requires authorization, the Foundry device consults the
TACACS+ server to see if the user is authorized to use the command.
4. If the user is authorized to use the command, the command is executed.
TACACS+ Accounting
TACACS+ accounting works as follows:
1. One of the following events occur on the Foundry device:
• A user logs into the management interface using Telnet or SSH
• A user enters a command for which accounting has been configured
• A system event occurs, such as a reboot or reloading of the configuration file
2. The Foundry device checks its configuration to see if the event is one for which TACACS+ accounting is
required.
3. If the event requires TACACS+ accounting, the Foundry device sends a TACACS+ Accounting Start packet to
the TACACS+ accounting server, containing information about the event.
4. The TACACS+ accounting server acknowledges the Accounting Start packet.
5. The TACACS+ accounting server records information about the event.
6. When the event is concluded, the Foundry device sends an Accounting Stop packet to the TACACS+
accounting server.
7. The TACACS+ accounting server acknowledges the Accounting Stop packet.
AAA Operations for TACACS/TACACS+
The following table lists the sequence of authentication, authorization, and accounting operations that take place
when a user gains access to a Foundry device that has TACACS/TACACS+ security configured.
User Action Applicable AAA Operations
User attempts to gain access to the
Privileged EXEC and CONFIG levels of
the CLI
Enable authentication:
aaa authentication enable default <method-list>
Exec authorization (TACACS+):
aaa authorization exec default tacacs+
System accounting start (TACACS+):
aaa accounting system default start-stop <method-list>

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Foundry Networks Switch and Router and is the answer not in the manual?

Foundry Networks Switch and Router Specifications

General IconGeneral
BrandFoundry Networks
ModelSwitch and Router
CategorySwitch
LanguageEnglish

Related product manuals