Black Box LES1216A-R2 Manuale Utente
In addition to multiple remote servers, you can also enter separate lists of Authentication/
Authorization servers and Accounting servers. If no Accounting servers are specified, the
Authentication/Authorization servers are used instead.
Enter and confirm the Server Password. Then select the method to be used to authenticate to
the server (defaults to PAP). To use DES encrypted passwords, select Login
If required enter the TACACS Group Membership Attribute that is to be used to indicate group
memberships (defaults to groupname#n)
If required, specify TACACS Service to authenticate with. This determines which set of attributes
are returned by the server (defaults to raccess )
If required, check Default Admin Privileges to give all TACAS+ authenticated users admin
privileges. Use Remote Groups must also be ticked for these privileges to be granted
Click Apply. TACAS+ remote authentication will now be used for all user access to console server
and serially or network attached devices.
TACACS+
The Terminal Access Controller Access Control System (TACACS+) security protocol is a
recent protocol developed by Cisco. It provides detailed accounting information and flexible
administrative control over the authentication and authorization processes. TACACS+ allows for a
single access control server (the TACACS+ daemon) to provide authentication, authorization, and
accounting services independently. Each service can be tied into its own database to take
advantage of other services available on that server or on the network, depending on the
capabilities of the daemon. There is a draft RFC detailing this protocol. You can find further
information on configuring remote TACACS+ servers at the following sites:
administrative control over the authentication and authorization processes. TACACS+ allows for a
single access control server (the TACACS+ daemon) to provide authentication, authorization, and
accounting services independently. Each service can be tied into its own database to take
advantage of other services available on that server or on the network, depending on the
capabilities of the daemon. There is a draft RFC detailing this protocol. You can find further
information on configuring remote TACACS+ servers at the following sites:
http://www.cisco.com/en/US/products/sw/secursw/ps4911/products_user_guide_chapter09186a0
0800eb6d6.html
0800eb6d6.html
http://cio.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/secur_c/scprt2/sctplu
s.htm
s.htm
9.1.3 RADIUS authentication
Perform the following procedure to configure the RADIUS authentication method to use whenever the
Perform the following procedure to configure the RADIUS authentication method to use whenever the
console server or any of its serial ports or hosts is accessed:
Select Serial and Network: Authentication and check RADIUS or LocalRADIUS or RADIUSLocal
or RADIUSDownLocal.
_____________________________________________________________________
724-746-5500 | blackbox.com
Page 168