White Paper Issue: October 2006 Integration of BX600 SB9 Switches in Cisco Networks Page 39 / 47
4.4 Integration into Radius and TACACS+
4.4.1 Introduction
Radius and TACACS are protocols that can be used for authentication, authorization and accounting. Enterprises often use one
of these protocols to authenticate administrative users of network components.
The SB9 supports RADIUS and TACACS+ for the authentication of users which want to access the switch using the web
interface, telnet or SSH.
It also supports these protocols for 802.1X, but since this protocol is rarely used in datacenter networks this feature is not
discussed here.
4.4.2 Recommended Solution
In most Cisco networks a Cisco Secure ACS is used as TACACS+ and RADIUS server. The protocol should be selected in
compliance with company policy, so both configurations are described here.
4.4.3 Configuration of RADIUS
The following steps are necessary to integrate an SB9 into RADIUS authentication.
• 1. Prepare the ACS
• 2. Configure the SB9
• 3. Test the login
Step 1: Prepare the ACS
To prepare the ACS to be an authentication server for the SB9, log in to the web interface of the SB9 and perform the following
configuration:
Add the device using
the button “Add Entry”