Netgear M4300-8X8F (XSM4316S) - Stackable Managed Switch with 16x10G including 8x10GBASE-T and 8xSFP+ Layer 3 Ratgeber Für Administratoren
Security Management
356
Managed Switches
8.
Using Linux on the TACACS server, allow a user named eric to access specific commands
in the file tac_plus.conf.
in the file tac_plus.conf.
CLI Example 2: Configure Command Authorization by a RADIUS
Server
Server
The following example shows how to use the CLI to configure command authorization by a
RADIUS server for a Telnet user and deny the user to access specific commands.
RADIUS server for a Telnet user and deny the user to access specific commands.
1.
Configure a RADIUS server on the switch.
user = eric {
# member = network_user {
default service = deny
login = des qbVVseTcbtzS2
service = exec {
priv-lvl = 15
}
cmd = show {
permit .*
}
cmd = exit {
permit .*
}
cmd = configure {
permit .*
}
cmd = interface {
permit .*
}
cmd = switchport {
permit "switchport access vlan.*"
permit "switchport mode.*"
permit "switchport trunk allowed vlan.*"
}
}
(Netgear Switch) #config
(Netgear Switch) (Config)#radius server host auth 172.26.2.41
(Netgear Switch) (Config)#radius server key auth 172.26.2.41
Enter secret (64 characters max):12345678
Re-enter secret:12345678