Alcatel Carrier Internetworking Solutions omniswitch Switch User Manual


 
Configuring Authenticated Switch Access Managing Switch Security
page 8-6 OmniSwitch 6600 Family Switch Management Guide March 2005
Configuring Authenticated Switch Access
Setting up Authenticated Switch Access involves the following general steps:
1. Set Up the Authentication Servers. This procedure is described briefly in this chapter. See the “Managing Authentication Servers” chapter of the OmniSwitch 6600 Family Network Configuration Guide for complete details.
2. Set Up the Local User Database. Set up user information on the switch if user login or privilege information will be pulled from the switch. See Chapter 7, “Managing Switch User Accounts.”
3. Set Up the Management Interfaces. This procedure is described in “Setting Up Management Interfaces for ASA” on page 8-9.
4. Set Up Accounting. This step is optional and is described in “Configuring Accounting for ASA” on page 8-12.
Additional configuration is required in order to set up the switch to communicate with external authentication servers. This configuration is briefly mentioned in this chapter and described in detail in the “Managing Authentication Servers” chapter of the OmniSwitch 6600 Family Network Configuration Guide.
If you are using the local switch database to authenticate users, user accounts must be set up on the switch. Procedures for creating user accounts are described in this chapter. See Chapter 7, “Managing Switch User Accounts.”
Note that by default:
• Authenticated switch access is available only through the console port.
• Users are authenticated through the console port via the local user database on the switch.
These defaults provide “out-of-the-box” security at initial startup. Other management interfaces (Telnet,
HTTP, etc.) must be specifically enabled before they can access the switch.
A summary of the commands used for configuring ASA is given in the following table:
Commands                  Used for ...
user                      Configuring the local user database on the switch.
aaa radius-server         Setting up the switch to communicate with external RADIUS or LDAP
aaa ldap-server           authentication servers.
aaa authentication        Configuring the management interface and specifying the servers and/or
                          local user database to be used for the interface.
aaa accounting session    Optional. Specifies servers to be used for accounting.
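The following is an added example, not part of the original manual: a short Python audit that reads a saved configuration and reports every departure from the console-only, local-database defaults described above. Only the command names are taken from the table; the argument layout (interface keyword followed by server names and an optional local), the interface keywords, the "!" comment marker, and the sample configuration are assumptions constructed for illustration.

```python
# Added example: audit a saved config against the ASA defaults described above.
# Command names come from the page; argument layout and interface keywords are assumed.

SAMPLE_CONFIG = """\
! constructed sample, not captured from a real switch
user netadmin password EXAMPLE-ONLY
aaa radius-server rad1 host 192.0.2.10 key EXAMPLE-ONLY
aaa authentication console local
aaa authentication telnet rad1 local
aaa authentication http ldap2 local
"""

def parse_asa(config_text):
    """Collect defined servers, per-interface auth sources, and accounting servers."""
    servers, interfaces, accounting = set(), {}, []
    for raw in config_text.splitlines():
        tok = raw.split()
        if not tok or tok[0].startswith("!"):
            continue
        if tok[:2] in (["aaa", "radius-server"], ["aaa", "ldap-server"]) and len(tok) > 2:
            servers.add(tok[2])
        elif tok[:2] == ["aaa", "authentication"] and len(tok) > 2:
            interfaces[tok[2]] = tok[3:]
        elif tok[:3] == ["aaa", "accounting", "session"]:
            accounting = tok[3:]
    return servers, interfaces, accounting

def audit_asa(config_text):
    """Return findings for every departure from console-only, local-database access."""
    servers, interfaces, accounting = parse_asa(config_text)
    findings = []
    for iface in sorted(interfaces):
        if iface != "console":
            findings.append(f"{iface}: enabled beyond the console-only default")
        if iface == "telnet":
            findings.append(f"{iface}: logins cross the network in cleartext")
        for source in interfaces[iface]:
            if source != "local" and source not in servers:
                findings.append(f"{iface}: references undefined server {source}")
    for source in accounting:
        if source != "local" and source not in servers:
            findings.append(f"accounting: references undefined server {source}")
    if not accounting and any(i != "console" for i in interfaces):
        findings.append("accounting: none configured for remotely reachable interfaces")
    return findings

if __name__ == "__main__":
    for finding in audit_asa(SAMPLE_CONFIG):
        print(finding)
```

A configuration containing only the console entry produces no findings, which matches the out-of-the-box state the manual describes.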