DELL N3000 User Manual
Configuring Authentication, Authorization, and Accounting
237
Using TACACS+ Servers to Control Management
Access
TACACS+ (Terminal Access Controller Access Control System) provides
access control for networked devices via one or more centralized servers.
TACACS+ simplifies authentication by making use of a single database that
can be shared by many clients on a large network. TACACS+ uses TCP to
ensure reliable delivery and a shared key configured on the client and daemon
server to encrypt all messages.
If you configure TACACS+ as the authentication method for user login and a
If you configure TACACS+ as the authentication method for user login and a
user attempts to access the user interface on the switch, the switch prompts
for the user login credentials and requests services from the TACACS+
client. The client then uses the configured list of servers for authentication,
and provides results back to the switch.
Figure 10-2 shows an example of access management using TACACS+.
Figure 10-2 shows an example of access management using TACACS+.
Figure 10-2. Basic TACACS+ Topology
You can configure the TACACS+ server list with one or more hosts defined
via their network IP address. You can also assign each a priority to determine
the order in which the TACACS+ client will contact them. TACACS+
contacts the server when a connection attempt fails or times out for a higher
priority server.
`
Management Host
Primary TACACS+ Server
Backup TACACS+ Server
Management
Network
Dell Networking Switch