Support User Manuals

Dell FCX624-I Laptop User Manual

Open as PDF

of 1494

1168 PowerConnect B-Series FCX Configuration Guide

53-1002266-01

Configuring TACACS/TACACS+ security

32

TACACS+ accounting

TACACS+ accounting works as follows.

1. One of the following events occur on the Dell PowerConnect device:

• A user logs into the management interface using Telnet or SSH

• A user enters a command for which accounting has been configured

• A system event occurs, such as a reboot or reloading of the configuration file

2. The Dell PowerConnect device checks the configuration to see if the event is one for which

TACACS+ accounting is required.

3. If the event requires TACACS+ accounting, the Dell PowerConnect device sends a TACACS+

Accounting Start packet to the TACACS+ accounting server, containing information about the

event.

4. The TACACS+ accounting server acknowledges the Accounting Start packet.

5. The TACACS+ accounting server records information about the event.

6. When the event is concluded, the Dell PowerConnect device sends an Accounting Stop packet

to the TACACS+ accounting server.

7. The TACACS+ accounting server acknowledges the Accounting Stop packet.

AAA operations for TACACS/TACACS+

The following table lists the sequence of authentication, authorization, and accounting operations

that take place when a user gains access to a Dell PowerConnect device that has TACACS/TACACS+

security configured.

User action Applicable AAA operations

User attempts to gain access to the

Privileged EXEC and CONFIG levels

of the CLI

Enable authentication:

aaa authentication enable default <method-list>

Exec authorization (TACACS+):

aaa authorization exec default tacacs+

System accounting start (TACACS+):

aaa accounting system default start-stop <method-list>

User logs in using Telnet/SSH Login authentication:

aaa authentication login default <method-list>

Exec authorization (TACACS+):

aaa authorization exec default tacacs+

Exec accounting start (TACACS+):

aaa accounting exec default <method-list>

System accounting start (TACACS+):

aaa accounting system default start-stop <method-list>

User logs into the Web Management

Interface

Web authentication:

aaa authentication web-server default <method-list>

Exec authorization (TACACS+):

aaa authorization exec default tacacs+

previous next