HP (Hewlett-Packard) 2650 (J4899A/B) Switch User Manual


 
4-3
TACACS+ Authentication
Configuring TACACS+ on the Switch
tion services. If the switch fails to connect to any TACACS+ server, it defaults
to its own locally assigned passwords for authentication control if it has been
configured to do so. For both Console and Telnet access, you can configure
login (read-only) and enable (read/write) privilege-level access.
Notes: The software does not support TACACS+ authorization or accounting
services.

TACACS+ does not affect web browser interface access. See “Controlling Web
Browser Interface Access” on page 4-24.
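
The fallback behavior described above can be checked in a saved switch configuration. The script below is an added example, not taken from the HP manual: it reports, for each Console/Telnet and login/enable combination, whether TACACS+ is the primary method and whether local passwords are configured as the fallback. It assumes the command form aaa authentication <console|telnet> <login|enable> <primary> [<secondary>], which is not shown on this page, and it treats a missing line as local-only; the sample configuration is constructed.

```python
import re

# Assumed command form (not shown on this page):
#   aaa authentication <console|telnet> <login|enable> <primary> [<secondary>]
AAA_RE = re.compile(
    r"^\s*aaa authentication (console|telnet) (login|enable)"
    r" (local|tacacs)(?: (local|none))?\s*$"
)

# Constructed sample configuration, for illustration only.
SAMPLE_CONFIG = """\
tacacs-server host 192.0.2.10
aaa authentication console login tacacs local
aaa authentication console enable tacacs local
aaa authentication telnet login tacacs
aaa authentication telnet enable local
"""


def audit(config_text):
    """Return {(access, level): finding} for all four access/level pairs."""
    methods = {}
    for line in config_text.splitlines():
        match = AAA_RE.match(line)
        if match:
            access, level, primary, secondary = match.groups()
            methods[(access, level)] = (primary, secondary or "none")

    findings = {}
    for access in ("console", "telnet"):
        for level in ("login", "enable"):
            # Assumption: no explicit line means local passwords only.
            primary, secondary = methods.get((access, level), ("local", "none"))
            if primary == "tacacs" and secondary == "local":
                findings[(access, level)] = "tacacs, local fallback"
            elif primary == "tacacs":
                findings[(access, level)] = "tacacs, no local fallback"
            else:
                findings[(access, level)] = "local only"
    return findings


if __name__ == "__main__":
    for (access, level), finding in sorted(audit(SAMPLE_CONFIG).items()):
        print(f"{access:<8} {level:<7} {finding}")
```

Web browser interface access is outside this check because, as the note above states, TACACS+ does not affect it.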
Terminology Used in TACACS Applications:

NAS (Network Access Server): This is an industry term for a
TACACS-aware device that communicates with a TACACS server for
authentication services. Some other terms you may see in literature
describing TACACS operation are communication server, remote
access server, or terminal server. These terms apply when TACACS+
is enabled on the switch (that is, when the switch is TACACS-aware).

TACACS+ Server: The server or management station configured as
an access control server for TACACS-enabled devices. To use
TACACS+ with the switch and any other TACACS-capable devices in
your network, you must purchase, install, and configure a TACACS+
server application on a networked server or management station in
the network. The TACACS+ server application you install will provide
various options for access control and access notifications. For more
on the TACACS+ services available to you, see the documentation
provided with the TACACS+ server application you will use.

Authentication: The process for granting user access to a device
through entry of a user name and password and comparison of this
username/password pair with previously stored username/password
data. Authentication also grants levels of access, depending on the
privileges assigned to a user name and password pair by a system
administrator.