administrators.TACACS+ is an extensible AAA protocol that provides customization and future
development features, and uses TCP to ensure reliable delivery.
In addition to selecting TACACS+ as the RADIUS type in Adding a RADIUS Server for
Administrators, you must also complete the following steps for TACACS+ based authentication
to work.
1. Edit the TACACS+ configuration file (tac.cfg) on the TACACS+ server to include the service
user name.
See the example below.
key = test@1234
accounting file = /var/log/tac_acct.log
user = username {
member = show
login = cleartext "password1234!"
}
group = show {
service = super-login {
user-name = super <<==mapped to the user account in the controller
}
2. On the controller web interface, go to the Configuration > Administrators page, and then
create an administrator account with super as the user name.
3. Go to the Configuration > Management Domains page, and then assign the super
administrator account an administrator role.
4. When you add a RADIUS server for administrators (see Adding a RADIUS Server for
Administrators), select TACACS+ as the authentication type.
5. After you add the RADIUS server for administrators, test it using the account
username@super-login.
You have completed the configuration steps required to ensure that TACACS+ authentication
for administrators work on the controller.
Using a Backup RADIUS Server
If a backup RADIUS server is available on the network, you can select the Enable backup
RADIUS server support check box to use the backup server when the primary server is
unavailable.
When you select the check box, additional fields appear that you need to fill in.
Follow these steps to enable support for a backup RADIUS server for authenticating
administrators.
1. Select the check box next to Enable backup RADIUS support.
2. In the Primary Server section, fill out the IP address, port number, and shared secret as
you did in the previous section.
SmartCell Gateway 200/Virtual SmartZone High-Scale for Release 3.4.1 Administrator Guide
256
Managing Administrator Accounts
Using a Backup RADIUS Server
To Next Page
Loading...
Need help?
General
