Filter
Top Products
User Authentication
3-57
3
Command Attributes
• Authentication – Select the authentication, or authentication sequence required:
- Local – User authentication is performed only locally by the switch.
- Radius – User authentication is performed using a RADIUS server only.
- TACACS – User authentication is performed using a TACACS+ server only.
- [authentication sequence] – User authentication is performed by up to three
authentication methods in the indicated sequence.
• RADIUS Settings
- Global – Provides globally applicable RADIUS settings.
- ServerIndex – Specifies one of five RADIUS servers that may be configured.
The switch attempts authentication using the listed sequence of servers. The
process ends when a server either approves or denies access to a user.
- Server IP Address – Address of authentication server. (Default: 10.1.0.1)
- Server Port Number – Network (UDP) port of authentication server used for
authentication messages. (Range: 1-65535; Default: 1812)
- Secret Text String – Encryption key used to authenticate logon access for
client. Do not use blank spaces in the string. (Maximum length: 20 characters)
- Number of Server Transmits – Number of times the switch tries to authenticate
logon access via the authentication server. (Range: 1-30; Default: 2)
- Timeout for a reply – The number of seconds the switch waits for a reply from
the RADIUS server before it resends the request. (Range: 1-65535; Default: 5)
• TACACS Settings
- Server IP Address – Address of the TACACS+ server. (Default: 10.11.12.13)
- Server Port Number – Network (TCP) port of TACACS+ server used for
authentication messages. (Range: 1-65535; Default: 49)
- Secret Text String – Encryption key used to authenticate logon access for
client. Do not use blank spaces in the string. (Maximum length: 20 characters)
Note:
The local switch user database has to be set up by manually entering user names
and passwords using the CLI. (See “username” on page 4-27.)