Authenticate users via Specifies how users should be authenticated when logging in. The options are:
Local – Users are authenticated locally by the system.
RADIUS – Users are authenticated by a RADIUS server.
RADIUS/Local – Users will be authenticated by a RADIUS server if access to the server is available,
fa
lling back to local authentication if access to a RADIUS server is not available.
TACACS+ – Users are authenticated by a TACACS+ server.
TACACS+/Local – Users will be authenticated by a TACACS+ ser
ver if access to the server is available,
falling back to local authentication if access to a TACACS+ server is not available.
NTP Server Specifies the IP address of a NTP (Network Time Protocol)
server. System time will be synchronized with
the NTP server when specified.
RADIUS authentication Allows you to specify options for configu
ring authentication via a RADIUS authentication server. Click
Add server to set up a new server, or click the edit options to update an existing server. The system will
attempt to contact the first RADIUS server in the list, and move on to the next server if it is inaccessible.
Servers can be ordered by dragging with the
button.
The following options are available when configu
ring RADIUS authentication servers:
Server address – IPv4 address of the RADIUS server (ho
stnames not supported). A given server (IP
address) has only a single shared secret. This means, if the same server is listed for both authentication and
accounting, and the user changes the shared secret via one of them, the shared secret for the other is
implicitly changed to match.
Server port – RADIUS UDP request port. RADIUS uses 1
812 for Authentication and 1813 for
Accounting, although some older servers use ports 1645 and 1646 (authentication and accounting,
respectively). Check settings on the server to confirm which ports to use.
Shared secret – A text string that serves as a password between SmartNA-X and the RADIUS server.
Wh
en creating and using a shared secret for use by SmartNA-X, you must:
TACACS+
authentication
Allows you to specify options for configu
ration authentication via a TACACS+ authentication server.
Click Add server to set up a new server, or click the edit options to update an existing server. The system
will attempt to contact the first TACACS+ server in the list, and move on to the next server if it is
inaccessible. Servers can be ordered by dragging with the
button.
Server address – IPv4 address of the TACACS+ server (hostnames are not supported).
Shared secret – TACACS+ shared secret text string betwe
en the SmartNA-X device and the TACACS+
server host. The secret entered here must match that used by the server. When creating and using a shared
secret for use by SmartNA-X, you must:
RADIUS accounting Allows you to specify options for configu
ring a RADIUS accounting server. Adding an accounting server
implicitly enables logging. Click Add server to set up a new server, or click the edit options to update an
existing server. The system will attempt to contact the first RADIUS server in the list, and move on to the
next server if it is inaccessible. Servers can be ordered by dragging with the
button.
200
S
MARTNA™ 10G NETWORK ACCESS (SMARTNA-X)
WEB USER-INTERFACE REFERENCE | HEALTH TAB
DRAFT
Health tab
The Health tab (Figure B-6) is available after clicking on the chassis. It provides information for the overall health
and state of the SmartNA-X system, and includes details of the har
dware and firmware revisions, model and serial
Table B-11 Security tab options
Option Description
• use the same case-sensitive shared secret on both RADIUS server and SmartNA-X device.
• use a different shared secret for each RADIUS server-RADIUS client pair.
• use alphanumeric characters only (no spaces allowed).
• use the same case-sensitive shared secret on
both TACACS+ server and SmartNA-X device.
• use the same shared secret for each TACACS+ server-TACACS+ client pair.
• use alphanumeric characters only (no spaces allowed).
To Next Page
Loading...
