HP procurve 2500 Manuel D’Utilisation
![HP](https://files.manualsbrain.com/attachments/29005dca542c93ad59e01e223583dbd51961550d/common/fit/150/50/3931a36faa9f1af0627fe52b73d277ccf98e5d18c55433f253353db13ee5/brand_logo.jpeg)
181
Enhancements in Release F.02.02
TACACS+ Authentication for Centralized Control of Switch Access Security
TACACS+ Authentication for Centralized Control of Switch Access Security
How Authentication Operates
General Authentication Process Using a TACACS+ Server
Authentication through a TACACS+ server operates generally as described below. For specific
operating details, refer to the documentation you received with your TACACS+ server application.
operating details, refer to the documentation you received with your TACACS+ server application.
Figure 87. Using a TACACS+ Server for Authentication
Using figure 87, above, after either switch detects an operator’s logon request from a remote or
directly connected terminal, the following events occur:
directly connected terminal, the following events occur:
1.
The switch queries the first-choice TACACS+ server for authentication of the request.
•
If the switch does not receive a response from the first-choice TACACS+ server, it
attempts to query a secondary server. If the switch does not receive a response from any
TACACS+ server, then it uses its own local username/password pairs to authenticate the
logon request. (See "Local Authentication Process", on page 182.)
attempts to query a secondary server. If the switch does not receive a response from any
TACACS+ server, then it uses its own local username/password pairs to authenticate the
logon request. (See "Local Authentication Process", on page 182.)
•
If a TACACS+ server recognizes the switch, it forwards a username prompt to the
requesting terminal via the switch.
requesting terminal via the switch.
2.
When the requesting terminal responds to the prompt with a username, the switch forwards it
to the TACACS+ server.
to the TACACS+ server.
3.
After the server receives the username input, the requesting terminal receives a password
prompt from the server via the switch.
prompt from the server via the switch.
4.
When the requesting terminal responds to the prompt with a password, the switch forwards it
to the TACACS+ server and one of the following actions occurs:
to the TACACS+ server and one of the following actions occurs:
Series 2500 Switch
Configured for
TACACS+ Operation
Configured for
TACACS+ Operation
First-Choice
TACACS+ Server
TACACS+ Server
B
Series 2500 Switch
Configured for
TACACS+ Operation
Configured for
TACACS+ Operation
Terminal "A" Directly Accessing This
Switch Via Switch’s Console Port
Switch Via Switch’s Console Port
Terminal "B" Remotely Accessing
This Switch Via Telnet
This Switch Via Telnet
A
Second-Choice
TACACS+ Server
(Optional)
TACACS+ Server
(Optional)
Third-Choice
TACACS+ Server
(Optional)
TACACS+ Server
(Optional)