Filter
Top Products
Chapter 18: Security Configuration Guide
272 SmartSwitch Router User Reference Manual
Configuring SSR Access Security
This section describes the following methods of controlling access to the SSR:
•RADIUS
• TACACS
• TACACS Plus
• Passwords
Configuring RADIUS
You can secure login or Enable mode access to the SSR by enabling a Remote
Authentication Dial-In Service (RADIUS) client. A RADIUS server responds to the SSR
RADIUS client to provide authentication.
You can configure up to five RADIUS server targets on the SSR. A timeout is set to tell the
SSR how long to wait for a response from RADIUS servers.
To configure RADIUS security, enter the following commands in Configure mode:
Specify a RADIUS server.
radius set server <hostname or IP-addr>
Set the RADIUS time to wait for a
RADIUS server reply.
radius set timeout
<number>
Determine the SSR action if no
server responds.
radius set last-resort password|succeed
Enable RADIUS.
radius enable
Cause RADIUS authentication at
user login or when user tries to
access Enable mode.
radius authentication login|enable
Logs specified types of command
to RADIUS server.
radius accounting command level <
level
>
Logs to RADIUS server when
shell is stopped or started on SSR.
radius accounting shell start|stop|all
Logs to RADIUS server SNMP
changes to startup or active
configuration.
radius accounting snmp active|startup
Logs specified type(s) of
messages to RADIUS server.
radius accounting system
fatal|error|warning|info