WI-PMS310GF-Alien-I QSG Page 15 of 21
8.5 AAA
Authentication, Authorization and Accounting (AAA) features in the switch
can be used as follows:
• TACACS+: External authentication for switch management logins.
• 802.1x: External authentication for user network access.
8.5.1. TACACS+
The default behaviour is that switch management interface logins are
authenticated against the internal switch database, as configured in System
Configuration / User Management.
Alternatively, these logins can be authenticated against an external
TACACS+ server.
WARNING:
When you enable and apply TACACS+ authentication,
management login to the switch will ONLY use
TACACS+. Only save the configuration after confirming
you can still log in.
1. Set up a TACACS+ server that the switch can reach. Shown below is
a simple TACACS+ configuration file that will authenticate switch
management logins with Username/Password credentials of
admin/admin.
# Created by Henry-Nicolas Tourneur(henry.nicolas@tourneur.be)
# See man(5) tac_plus.conf for more details
# Define where to log accounting data, this is the default.
accounting file = /var/log/tac_plus.acct
# This is the key that clients have to use to access Tacacs+
key = testing123
# We also can define local users and specify a file where data is stored.
# That file may be filled using tac_pwd
group = admins {