To Next Page

To Previous Page

2-6

TACACS+ Authentication

General Authentication Setup Procedure

Notes The effectiveness of TACACS+ security depends on correctly using your

TACACS+ server application. For this reason, HP recommends that you

thoroughly test all TACACS+ configurations used in your network.

TACACS-aware HP switches include the capability of configuring multiple

backup TACACS+ servers. HP recommends that you use a TACACS+ server

application that supports a redundant backup installation. This allows you to

configure the switch to use a backup TACACS+ server if it loses access to the

first-choice TACACS+ server.

In release H.07.xx, TACACS+ does not affect web browser interface access.

Refer to “Controlling Web Browser Interface Access When Using TACACS+

Authentication” on page 2-24.

General Authentication Setup Procedure

It is important to test the TACACS+ service before fully implementing it.

Depending on the process and parameter settings you use to set up and test

TACACS+ authentication in your network, you could accidentally lock all

users, including yourself, out of access to a switch. While recovery is simple,

it may pose an inconvenience that can be avoided.To prevent an unintentional

lockout on a Switch 2650 or 6108 , use a procedure that configures and tests

TACACS+ protection for one access type (for example, Telnet access), while

keeping the other access type (console, in this case) open in case the Telnet

access fails due to a configuration problem. The following procedure outlines

a general setup procedure.

Note If a complete access lockout occurs on the switch as a result of a TACACS+

configuration, see "TACACS Related Problems" in the Troubleshooting

chapter of the Management and Configuration Guide for your switch.

1. Familiarize yourself with the requirements for configuring your

TACACS+ server application to respond to requests from a Switch 2650

and 6108. (Refer to the documentation provided with the TACACS+

server software.) This includes knowing whether you need to configure

an encryption key. (See “Using the Encryption Key” on page 2-23.)

!FishSecurity.book Page 6 Thursday, October 10, 2002 9:19 PM

Questions and Answers:

Need help?

Do you have a question about the HP ProCurve Switch 2650 and is the answer not in the manual?

HP ProCurve Switch 2650 Specifications

General

Switching Capacity	13.6 Gbps
Forwarding Rate	10.1 Mpps
Layer	Layer 2
Form Factor	Rack-mountable
Flash Memory	8 MB
Jumbo Frame Support	Yes
Power Supply	Internal
Management	Web, CLI, SNMP
Features	VLAN support, IGMP snooping, QoS
Operating Temperature	0°C to 45°C (32°F to 113°F)
Operating Humidity	15% to 95% (non-condensing)
Ports	48 x 10/100
MAC Address Table Size	8, 000 entries