GS1920 Series User’s Guide
209
CHAPTER 25
AAA
25.1 AAA Overview
This chapter describes how to configure authentication, authorization and accounting settings on
the Switch.
The external servers that perform authentication, authorization and accounting functions are known
as AAA servers. The Switch supports RADIUS (Remote Authentication Dial-In User Service, see
RADIUS and TACACS+ on page 210) and TACACS+ (Terminal Access Controller Access-Control
System Plus, see RADIUS and TACACS+ on page 210) as external authentication and authorization
servers.
Figure 148 AAA Server
25.1.1 What You Can Do
•Use the AAA screen (Section 25.2 on page 210) to display the links to the screens where you can
enable authentication and authorization or both of them on the Switch.
•use the RADIUS Server Setup screen (Section 25.3 on page 211) to configure your RADIUS
server settings.
•Use the TACACS+ Server Setup screen (Section 25.4 on page 212) to configure your TACACS+
authentication settings.
•Use the AAA Setup screen (Section 25.5 on page 214) to configure authentication, authorization
and accounting settings, such as the methods used to authenticate users accessing the Switch
and which database the Switch should use first.
25.1.2 What You Need to Know
Authentication is the process of determining who a user is and validating access to the Switch. The
Switch can authenticate users who try to log in based on user accounts configured on the Switch
itself. The Switch can also use an external authentication server to authenticate a large number of
users.
Authorization is the process of determining what a user is allowed to do. Different user accounts
may have higher or lower privilege levels associated with them. For example, user A may have the
right to create new login accounts on the Switch but user B cannot. The Switch can authorize users
To Next Page
Loading...
