Web
– Click Security, User Accounts. To configure a new user account, enter the
user name, access level, and password, then click Add. To change the password for
a specific user, enter the user name and new password, confirm the password by
entering it again, then click Apply.
Figure 6-1 User Accounts
CLI
– Assign a user name to access-level 15 (i.e., administrator), then specify the
password.
Console(config)#username bob access-level 15
Console(config)#username bob password 0 smith
Console(config)#
2
5
-
2
Configuring Local/Remote Logon Authentication
Use the Authentication Settings
menu to restrict management
access based on specified user
names and passwords. You can
manually configure access rights
on the switch, or you can use a
remote access authentication
server based on RADIUS or
TACACS+ protocols.
Remote Authentication Dial-in
Web
Tel ne t
RADIUS/
TACACS+
server
console
1. Client attempts management access.
2. Switch contacts authentication server.
3. Authentication server challenges client.
4. Client responds with proper password or key.
5. Authentication server approves access.
6. Switch grants management access.
User Authentication
6
User Service (RADIUS) and Terminal Access Controller Access Control System
Plus (TACACS+) are logon authentication protocols that use software running on a
central server to control access to RADIUS-aware or TACACS- aware devices on
6-2