Filter
Top Products
xStack
®
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual
Figure 5 - 38. Login Method Lists window
The Switch contains one Method List that is set and cannot be removed, yet can be modified. To delete a Login
Method List defined by the user, click the corressponding Delete button. To modify a Login Method List, click on its
corresponding Edit button.
To define a Login Method List, set the following parameters and click Apply:
Parameter Description
Method List Name
Enter a method list name defined by the user of up to 15 characters.
Priority 1, 2, 3, 4
The user may add one, or a combination of up to four of the following authentication
methods to this method list:
tacacs - Adding this parameter will require the user to be authenticated using the
TACACS protocol from a remote TACACS server.
xtacacs - Adding this parameter will require the user to be authenticated using the
XTACACS protocol from a remote XTACACS server.
tacacs+ - Adding this parameter will require the user to be authenticated using the
TACACS+ protocol from a remote TACACS+ server.
radius - Adding this parameter will require the user to be authenticated using the
RADIUS protocol from a remote RADIUS server.
server_group - Adding this parameter will require the user to be authenticated using
a user-defined server group previously configured on the Switch.
local - Adding this parameter will require the user to be authenticated using the local
user account database on the Switch.
none - Adding this parameter will require no authentication to access the Switch.
Enable Method Lists
This window is used to set up Method Lists to promote users with user level privileges to Administrator (Admin) level
privileges using authentication methods on the Switch. Once a user acquires normal user level privileges on the
Switch, he or she must be authenticated by a method on the Switch to gain administrator privileges on the Switch,
which is defined by the Administrator. A maximum of eight Enable Method Lists can be implemented on the Switch,
one of which is a default Enable Method List. This default Enable Method List cannot be deleted but can be configured.
The sequence of methods implemented in this command will affect the authentication result. For example, if a user
enters a sequence of methods like TACACS - XTACACS - Local Enable, the Switch will send an authentication
request to the first TACACS host in the server group. If no verification is found, the Switch will send an authentication
request to the second TACACS host in the server group and so on, until the list is exhausted. At that point, the Switch
will restart the same sequence with the following protocol listed, XTACACS. If no authentication takes place using the
XTACACS list, the Local Enable password set in the Switch is used to authenticate the user.
Successful authentication using any of these methods will give the user an "Admin" privilege.
NOTE: To set the Local Enable Password, see the next section, entitled
Local Enable Password.
To view the following table, click Security > Access Authentication Control > Enable Method Lists:
144