Filter
Top Products
Chapter 1 Controlling CSS Access
Controlling Remote User Access to the CSS
1-8
Cisco Content Services Switch Security Configuration Guide
OL-5650-02
To remove users currently logged in to the CSS, use the disconnect command.
To define the TACACS+ server as the primary virtual authentication method,
enter:
#(config) virtual authentication primary tacacs
To define local user database as the secondary virtual authentication method,
enter:
#(config) virtual authentication secondary local
Configuring Console Authentication
Console authentication allows users to log in to the CSS through a terminal
connected to the console port with or without requiring a username and password.
The CSS cannot disallow user access as a primary authentication method;
however, it can disallow user access as a secondary or tertiary authentication
method.
You can configure the CSS to authenticate users by using the local database,
RADIUS server, or TACACS+ server. By default, the CSS uses the local database
as the primary method to authenticate users and disallows user access for the
secondary and tertiary method.
Use the console authentication command to configure the primary, secondary,
or tertiary console authentication method. The syntax for this global configuration
command is:
console authentication [primary [local|radius|tacacs|none]
|secondary|tertiary [local|radius|tacacs|none|disallowed]]
The options for this command are as follows:
• primary - Defines the first authentication method that the CSS uses. The
default primary console authentication method is the local user database.
• local - The CSS uses the local user database for authentication.
• radius - The CSS uses the configured RADIUS server for authentication.
• tacacs - The CSS uses the configured TACACS+ server for authentication.
• none - The CSS uses no authentication method. All users can access the CSS.