Alteon Application Switch Operating System Application Guide
Securing Alteon
Document ID: RDWR-ALOS-V2900_AG1302 69
Accounting
Accounting is the act of recording a user's activities on Alteon for the purposes of billing and/or
security. It follows the authentication and authorization actions. If the authentication and
authorization actions are not performed through TACACS+, no TACACS+ accounting messages are
sent out.
Whenever a command successfully executes, TACACS+ creates an accounting message and sends it
to the TACACS+ server.
The attributes provided for the TACACS+ accounting are:
• protocol (console, Telnet, SSH, HTTP)
• start time (in seconds)
• stop time (in seconds)
• elapsed time (in seconds)
• disc cause (a string)
Note: Other than these attributes, the cmd and cmd-arg accounting attributes are also supported
for command logging.
Configuring TACACS+ Authentication
To configure TACACS+ authentication
1. Turn TACACS+ authentication on, then configure the primary and secondary TACACS+ servers.
You can configure IPv4 or IPv6 addresses for TACACS servers.
2. Configure the TACACS+ secret.
l2oper 24
l3oper 25
l3admin 26
>> Main# /cfg/sys/tacacs
(Select the TACACS+ Server menu)
>> TACACS+ Server# on
(Turn TACACS+ on)
Current status: OFF
New status: ON
>> TACACS+ Server# prisrv 10.10.1.1
(Enter the primary server IP)
Current primary TACACS+ server: 0.0.0.0
New pending primary TACACS+ server: 10.10.1.1
>> TACACS+ Server# secsrv 10.10.1.2
(Enter the secondary server IP)
Current secondary TACACS+ server: 0.0.0.0
New pending secondary TACACS+ server: 10.10.1.2
Table 6: Alteon-Proprietary with Enabled Privilege Level Mapping for TACACS+
Alteon User Access Level TACACS+ level
To Next Page
Loading...
